Description

eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.

INFO

Published Date :

2025-02-14T16:47:04.660Z

Last Modified :

2025-02-14T17:28:44.566Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-25206 vulnerability.

Vendors Products
Elabftw
  • Elabftw
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-25206.

URL Resource
https://github.com/elabftw/elabftw/releases/tag/5.1.15 cve-icon cve-icon
https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact