CVE-2025-52392 – Soosyze CMS Unrestricted Brute-Force Login Attack Vulnerability

CVE ID : CVE-2025-52392

Published : Aug. 13, 2025, 2:15 p.m. | 31 minutes ago

Description : Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to CWE-307: Improper Restriction of Excessive Authentication Attempts.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…