VYPR
High severity7.5NVD Advisory· Published Mar 6, 2026· Updated Jun 2, 2026

CVE-2025-70363

CVE-2025-70363

Description

Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Ibexa/Ez Platform3 versions
    cpe:2.3:a:ibexa:ez_platform:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibexa:ez_platform:*:*:*:*:*:*:*:*range: >=2.0.0,<=2.5.32
    • (no CPE)range: 2.x
    • (no CPE)range: 2.x
  • Ibexa & Ciril GROUP/eZ Platform / Ciril Platformdescription
  • Range: 2.x

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.