Security Advisory

CVE-2025-61524

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-08 00:00:00

Last updated 2025-10-14 14:11:52

Assigner mitre

State PUBLISHED

Description

An issue in the permission verification module and organization/application editing interface in Casdoor v2.26.0 and before, and fixed in v.2.63.0, allows remote authenticated administrators of any organization within the system to bypass the systems permission verification mechanism by directly concatenating URLs after login

← Browse all CVEs View on cve.org ↗