CVE-2025-13829 – Data Illusion Zumbrunn NGSurvey Unauthorized Information Disclosure

CVE ID : CVE-2025-13829

Published : Dec. 1, 2025, 3:47 p.m. | 38 minutes ago

Description : Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurveyallows any logged-in user to obtain the private information of any other user.

Critical information retrieved:
* APIKEY (1 year user Session)
* RefreshToken (10 minutes user Session)
* Password hashed with bcrypt
* User IP
* Email
* Full Name

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-3500 – Integer Overflow in Avast Antiviurs 25.1.981.6 on Windows may result in privilege escalation

CVE-2025-64775 – Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS)

CVE-2025-8351 – Scanning a malformed file in Avast Antivirus 8.3.70.94 on MacOS may result in remote code execution

CVE-2025-10101 – Crafted Mach-O file may allow Remote Code Execution in Avast Antivirus 15.7 on MacOS