Security Advisory

CVE-2025-59116

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-18 13:26:56

Last updated 2025-12-05 12:21:56

Assigner CERT-PL

State PUBLISHED

Description

Windu CMS is vulnerable to User Enumeration. This issue occurs during logon, where a difference in messages could allow an attacker to determine if the login is valid or not, enabling a brute force attack with valid logins. Only version 4.1 was tested and confirmed as vulnerable. This issue was fixed in version 4.1 build 2250.

← Browse all CVEs View on cve.org ↗