216.73.217.139

CVE-2025-13175

· Published 14/01/2026 13:16 · Modified 14/01/2026 16:25

Labels: CVE-2025-13175 2026-01-14CVE-2025-13175CWE-549[email protected]

Essential information

Published
14/01/2026 13:16
Modified
14/01/2026 16:25
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected scan workflow connector. This issue affects Y Soft SafeQ 6 in versions before MU106.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
y soft / safeq cpe:2.3:a:y_soft:safeq:<MU106:*:*:*:*:*:*:*

References