CVE-2025-66385 | Cerebrate up to 1.29 UsersController::edit organisation_id external control of assumed-immutable web parameter

A vulnerability classified as problematic has been found in Cerebrate up to 1.29. Impacted is the function UsersController::edit. This manipulation of the argument organisation_id causes external control of assumed-immutable web parameter.

This vulnerability is registered as CVE-2025-66385. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More