CVE-2025-39513

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Apr 16, 2025

CWE ID 862

Summary

CVE-2025-39513: ActiveDEMAND's Online Agency Marketing Automation platform contains a Missing Authorization vulnerability. The flaw permits unauthorized access to functionality that is not adequately controlled by Access Control Lists (ACLs). This issue potentially affects ActiveDEMAND versions from n/a through 0.2.46. Unauthorized users may exploit this vulnerability to gain unintended access to critical features, ultimately leading to potential data breaches or system disruptions. It is strongly recommended that affected organizations apply patches or upgrades as soon as possible to mitigate these risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/5RRxh9
https://www.cve.org/CVERecord?id=CVE-2025-39513
https://nvd.nist.gov/vuln/detail/CVE-2025-39513

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners

CVE-2025-39513

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations