CVE-2025-34411 | EQS Convercent Whistleblowing Platform up to 2025-12-15 API Endpoint /GetLegalEntity authorization

Inserito da Angelo Barbosa | Dic 15, 2025 | CVE

A vulnerability was found in EQS Convercent Whistleblowing Platform up to 2025-12-15. It has been classified as problematic. Affected is an unknown function of the file /GetLegalEntity of the component API Endpoint. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2025-34411. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-34411 | EQS Convercent Whistleblowing Platform up to 2025-12-15 API Endpoint /GetLegalEntity authorization

Post correlati

CVE-2024-5839 | Google Chrome prior 126.0.6478.54 Memory Allocator heap-based overflow (ID 340122)

CVE-2024-23614 | Symantec Messaging Gateway up to 9.5 memory corruption

CVE-2024-37433 | EverPress Mailster Plugin up to 4.0.9 on WordPress cross site scripting

CVE-2024-11200 | Goodlayers Core Plugin up to 2.0.7 on WordPress font-family cross site scripting