Vulnerability in Ibexa User
CVE-2025-67719
Ibexa is a composable end-to-end DXP (Digital Experience Platform). Versions 5.0.0-beta1 through 5.0.3 do not have password validation. During the transition from v4 to v5 an error was introduced into validation code which causes the valid…
EPSS: 0.001 (3.0th percentile) — read the EPSS interpretation.
Affected products
- Ibexa User — versions >= 5.0.0-beta1, < 5.0.4
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)