Security Advisory

CVE-2025-29993

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-27 09:06:53

Last updated 2025-03-27 13:30:08

Assigner jpcert

State PUBLISHED

Description

The affected versions of PowerCMS allow HTTP header injection. This vulnerability can be leveraged to direct the affected product to send email with a tampered URL, such as password reset mail.

← Browse all CVEs View on cve.org ↗