CVE-2025-13787 | ZenTao up to 21.7.6-8564 File module/file/control.php file::delete fileID privileges management

A vulnerability, which was classified as critical, was found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management.

This vulnerability is registered as CVE-2025-13787. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More