CVE-2025-28104

{"id": "CVE-2025-28104", "cveTags": [], "metrics": {}, "published": "2025-04-21T18:15:22.520", "references": [{"url": "https://gist.github.com/coleak2021/d5fea0f7d32a2de38130da089f4fb735", "source": "cve@mitre.org"}, {"url": "https://github.com/DogukanUrker/flaskBlog/issues/130", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input."}, {"lang": "es", "value": "El control de acceso incorrecto en laskBlog v2.6.1 permite a los atacantes acceder a todos los nombres de usuario a trav\u00e9s de una entrada manipulada espec\u00edficamente para ello."}], "lastModified": "2025-04-23T14:08:13.383", "sourceIdentifier": "cve@mitre.org"}