Logo Software Industry CVE-2025-12059
CRITICALSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9.
AnalysisAI
Sensitive information exposure in Logo j-Platform via externally-accessible files or directories.
Technical ContextAI
CWE-538 in Logo j-Platform. Sensitive files accessible without authentication.
Affected ProductsAI
Logo j-Platform
RemediationAI
Apply vendor patch.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today