← Back to CVEs
CVE-2025-69752
MEDIUM4.3
Description
An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.
CVE Details
CVSS v3.1 Score4.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published2/12/2026
Last Modified2/18/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-639
References
http://ideagen.com(cve@mitre.org)
http://q-pulse.com(cve@mitre.org)
https://github.com/brtsec/public-advisories/tree/main/advisories/CVE-2025-69752(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.