EUVD-2025-32490

🗓️ 06 Oct 2025 05:32:05Reported by EUVDType

Mangati NovoSGA vulnerability up to 2.2.12 enables remote password confirmation manipulation; exploit published.

Reporter	Title	Published	Views	Family All 11
CNNVD	Mangati NovoSGA 安全漏洞	6 Oct 202500:00	–	cnnvd
CVE	CVE-2025-11322	6 Oct 202505:32	–	cve
Cvelist	CVE-2025-11322 Mangati NovoSGA User Creation new weak password	6 Oct 202505:32	–	cvelist
Github Security Blog	NovoSGA: Manipulation of User Creation Page can lead to weak password requirements	6 Oct 202506:32	–	github
NVD	CVE-2025-11322	6 Oct 202506:15	–	nvd
OSV	GHSA-XGR2-5837-HF48 NovoSGA: Manipulation of User Creation Page can lead to weak password requirements	6 Oct 202506:32	–	osv
Positive Technologies	PT-2025-40851	6 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-11322	7 Oct 202506:09	–	redhatcve
Snyk	Weak Password Requirements	6 Oct 202506:32	–	snyk
Veracode	Weak-password Policy Bypass	27 Nov 202507:34	–	veracode

[
  {
    "enisaIdVendor": [
      {
        "id": "6cf939c7-5205-3400-8a19-c24b6c37f3c3",
        "vendor": {
          "name": "Mangati"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "017eb4c2-6248-3d0a-b0ba-60c9cc3084ad",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.9"
      },
      {
        "id": "184413bd-6516-30ec-9f83-cea89b975052",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.11"
      },
      {
        "id": "203f02b3-7dbf-38e1-9fa2-100b1d3ab3e4",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.7"
      },
      {
        "id": "367062be-c30d-3b54-baca-105700e23e94",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.4"
      },
      {
        "id": "5100dfa7-f71b-381b-8403-a8e5b78ee79e",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.10"
      },
      {
        "id": "523033b7-4ba3-388e-b2aa-1e1c0d1f2d9a",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.1"
      },
      {
        "id": "5a2aa7f2-7d3a-3787-abdb-01f2d30a5638",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.2"
      },
      {
        "id": "5dc8f71a-f7f9-390f-96bb-2af58b830525",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.6"
      },
      {
        "id": "7030124d-5e9a-349c-a9ee-45d8debb344f",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.0"
      },
      {
        "id": "7d7af41c-1f3a-304e-a12c-772d7173f361",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.3"
      },
      {
        "id": "9e611add-ce9f-362d-ac2d-c0c239282c3f",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.12"
      },
      {
        "id": "dc10d63a-c904-3ec0-877e-788c81ffe7f8",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.5"
      },
      {
        "id": "f8e48598-e239-304a-a2ef-0a6cd5101ec5",
        "product": {
          "name": "NovoSGA"
        },
        "product_version": "2.2.8"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-11322
github	www.github.com/marcelomulder/CVE/blob/main/NovoSga/CVE-2025-11322.md
github	www.github.com/marcelomulder/CVE/blob/main/NovoSga/Weak%20Password%20Policy%20in%20Novosga.md
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

06 Oct 2025 17:18Current

6Medium risk

Vulners AI Score6

CVSS 46.3

CVSS 22.6

CVSS 3.13.7

CVSS 33.7

EPSS0.00043

SSVC