CVE-2025-32255

Medium

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ERA404 StaffList stafflist allows Retrieve…

Patchstack·CWE-497·Published 2025-04-04

CVSS

5.3

EPSS

0.00

KEV

Exploits

cve.orgen

215 chars

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ERA404 StaffList stafflist allows Retrieve Embedded Sensitive Data.This issue affects StaffList: from n/a through <= 3.2.7.

NVDen

215 chars

NVDes

236 chars

Exposición de información sensible del sistema a una vulnerabilidad de esfera de control no autorizada en ERA404 StaffList permite recuperar datos sensibles incrustados. Este problema afecta a StaffList desde n/d hasta la versión 3.2.6.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Secondary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N