CVE Alert: CVE-2025-53642

July 12, 2025
image 1

Vulnerability Summary: CVE-2025-53642

haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user’s session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6.

Affected Endpoints:

No affected endpoints listed.

Published Date:

7/11/2025, 6:15:35 PM

⚠️ CVSS Score:

CVSS v3 Score: 4.8 (Medium)

Exploit Status:

Not Exploited

References:

Recommended Action:

No proposed action available. Please refer to vendor documentation for updates.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

image

[EVEREST] – Ransomware Victim: Bitbox

July 30, 2025
image

[INCRANSOM] – Ransomware Victim: fsl[.]org

July 30, 2025
image

[GLOBAL] – Ransomware Victim: RUKU Tore – Türen

July 30, 2025
image

CVE Alert: CVE-2025-5038

July 30, 2025
image

CVE Alert: CVE-2025-5043

July 30, 2025