Unrated severityNVD Advisory· Published Sep 30, 2025· Updated Sep 30, 2025
Insecure Direct Object Reference in GPS BOLD Workplanner
CVE-2025-41096
Description
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.5.25
- Range: 2.5.24
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.