5 matches found
EUVD-2025-202462
Ibexa is a composable end-to-end DXP Digital Experience Platform. Versions 5.0.0-beta1 through 5.0.3 do not have password validation. During the transition from v4 to v5 an error was introduced into validation code which causes the validation of the previous password not to run as expected. This...
CVE-2025-67719 Ibexa User Bundle is missing password change validation
Ibexa is a composable end-to-end DXP Digital Experience Platform. Versions 5.0.0-beta1 through 5.0.3 do not have password validation. During the transition from v4 to v5 an error was introduced into validation code which causes the validation of the previous password not to run as expected. This...
Ibexa User Bundle 安全漏洞
Ibexa User Bundle is an open source content management system from Ibexa. A security vulnerability exists in Ibexa User Bundle versions 5.0.0-beta1 through 5.0.3, which stems from a lack of password validation that could cause a logged-in user to change their password without having to know the o...
GHSA-X93P-W2CH-FG67 Ibexa User Bundle is missing password change validation
Impact The vulnerability is in the password change dialog in the back office. During the transition from v4 to v5 a mistake was made in the validation code which caused the validation of the previous password to not run as expected. This made it possible for a logged in user to change password in...
Ibexa User Bundle is missing password change validation
Impact The vulnerability is in the password change dialog in the back office. During the transition from v4 to v5 a mistake was made in the validation code which caused the validation of the previous password to not run as expected. This made it possible for a logged in user to change password in...