{"id":70536,"date":"2025-09-19T19:33:07","date_gmt":"2025-09-19T16:03:07","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-8532-idor-in-bimsers-eba-document-and-workflow-management-system\/"},"modified":"2025-09-19T19:33:07","modified_gmt":"2025-09-19T16:03:07","slug":"cve-2025-8532-idor-in-bimsers-eba-document-and-workflow-management-system","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-8532-idor-in-bimsers-eba-document-and-workflow-management-system\/","title":{"rendered":"CVE-2025-8532 &#8211; IDOR in Bimser&#8217;s eBA Document and Workflow Management System"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-8532<br \/>\n<br \/>\n<strong>Published : <\/strong> Sept. 19, 2025, 2:12 p.m. | 52\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>Authorization Bypass Through User-Controlled Key, Missing Authorization (CWE-862), and Improper Authorization vulnerability in Bimser Solution Software Trade Inc. eBA Document and Workflow Management System allows Exploitation of Trusted Identifiers, Exploitation of Authorization, and Variable Manipulation. This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 6.4 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-8532 Published : Sept. 19, 2025, 2:12 p.m. | 52\u00a0minutes ago Description : Authorization Bypass Through User-Controlled Key, CWE &#8211; 862 &#8211; Missing Authorization, \u2013 Improper Authorization vulnerability in Bimser Solution Software Trade Inc. 
EBA Document and Workflow Management System allows \u2013 Exploitation of Trusted Identifiers, \u2013 Exploitation of Authorization, \u2013 Variable &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-70536","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/70536","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=70536"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/70536\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=70536"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=70536"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=70536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}