[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)

To: "fulldisclosure@xxxxxxxxxxxx" <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
From: Yuffie Kisaragi via Fulldisclosure <fulldisclosure@xxxxxxxxxxxx>
Date: Mon, 15 Dec 2025 16:40:14 +0000

UPDATE:


The reported vulnerabilities have now been assigned CVE identifiers:
CVE-2025-34411: https://www.cve.org/cverecord?id=CVE-2025-34411
[https://www.cve.org/cverecord?id=CVE-2025-34411]
CVE-2025-34412: https://www.cve.org/cverecord?id=CVE-2025-34412
[https://www.cve.org/cverecord?id=CVE-2025-34412]
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

References:
- [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
  - From: Yuffie Kisaragi via Fulldisclosure

Prev by Date: [FD] APPLE-SA-12-12-2025-9 Safari 26.2
Next by Date: [FD] nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality
Previous by thread: [FD] Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
Next by thread: [FD] [SYSS-2025-060]: HP computer UEFI boot protection bypass
Index(es):
- Date
- Thread