Security Advisory

CVE-2025-52392

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-13 00:00:00
Last updated 2025-08-19 15:30:35
Assigner mitre
State PUBLISHED

Description

Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to CWE-307: Improper Restriction of Excessive Authentication Attempts.