Unrated severityNVD Advisory· Published Oct 27, 2025· Updated Oct 27, 2025
CVE-2025-27225
CVE-2025-27225
Description
TRUfusion Enterprise through 7.10.4.0 exposes the /trufusionPortal/jsp/internal_admin_contact_login.jsp endpoint to unauthenticated users. This endpoint discloses sensitive internal information including PII to unauthenticated attackers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- TRUfusion/TRUfusion Enterprisedescription
- Range: <=7.10.4.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.