- Description
- eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.
- Source
- security-advisories@github.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.3
- Impact score
- 5.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
- Severity
- HIGH
- security-advisories@github.com
- CWE-89
- Hype score
- Not currently trending
๐จ CVE-2025-25206 ๐ด HIGH (8.3) ๐ข elabftw - elabftw ๐๏ธ < 5.1.15 ๐ https://t.co/Y1jJj1eSUC ๐ https://t.co/xyzqlsT8LZ #CyberCron #VulnAlert https://t.co/n2SfKZgXW5
@cybercronai
15 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25206 eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read โฆ https://t.co/vd3o8FdnwI
@CVEnew
14 Feb 2025
254 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-25206: HIGH] Upgrade to eLabFTW version 5.1.15 now! Prior versions have a security flaw allowing users to access sensitive data. Protect your research lab from cyber threats.#cybersecurity,#vulnerability https://t.co/ELBIHRE1lz https://t.co/HM1NNce8qg
@CveFindCom
14 Feb 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes