Security Advisory

CVE-2025-60790

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-21 00:00:00

Last updated 2025-10-27 15:39:25

Assigner mitre

State PUBLISHED

Description

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service.

← Browse all CVEs View on cve.org ↗