CVE
2025-25766
Public CVE-2025-25766 disclosure
A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request.
Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.