Medium severity6.5NVD Advisory· Published Feb 28, 2025· Updated Jun 17, 2026
CVE-2025-25478
CVE-2025-25478
Description
The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/sysentr0py/CVEs/tree/main/CVE-2025-25478nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.