1. Home
  2. CVE Database
  3. CVE-2025-62717
CRITICAL · 9.1

CVE-2025-62717

Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could b...

Vulnerability Description

Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could be reused anywhere an email verification code is required. This issue has been fixed in commit 1f726df.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
EmlogEmlog2.5.23

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2025-62717?

CVE-2025-62717 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could b...

How severe is CVE-2025-62717?

CVE-2025-62717 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-62717?

Check the references section above for vendor advisories and patch information. Affected products include: Emlog Emlog.