3 matches found
CVE-2025-53374
Dokploy is a self-hostable Platform as a Service PaaS that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organization by directly invoking user.one. The...
CVE-2025-53374 Dokploy Improperly Discloses User Information via user.one Endpoint
Dokploy is a self-hostable Platform as a Service PaaS that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organization by directly invoking user.one. The...
CVE-2025-53374
CVE-2025-53374 – Dokploy is a self-hosted PaaS. An authenticated low-privileged user can disclose PII by calling the internal user.one endpoint, exposing email, role, 2FA status, organization ID, and account flags for other users in the same organization. This is a data exposure vulnerability tie...