Unrated severityNVD Advisory· Published Feb 14, 2025· Updated Feb 14, 2025
Incorrect input validation could allow an authenticated user to read sensitive information
CVE-2025-25206
Description
eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/elabftw/elabftw/releases/tag/5.1.15mitrex_refsource_MISC
- github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77ggmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.