Information disclosure in Codidact Qpixel
CVE-2025-22138
@codidact/qpixel is a Q&A-based community knowledge-sharing software. In affected versions when a category is set to private or limited-visibility within QPixel's admin tools, suggested edits within this category can still be viewed by unp…
Vulnerability class: Information Disclosure
EPSS: 0.004 (29.0th percentile) — read the EPSS interpretation.
Affected products
- Codidact Qpixel — versions <= 0.9.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)