CVE-2025-15623

Vulnerability Description

Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.

Unauthenticated user can retrieve database password in plaintext in certain situations

Vulnerability Details

Published Date

April 17, 2026

Last Modified

April 17, 2026

CWE ID

CWE-359

Source

NVD

Vendor

Sparx Systems Pty Ltd.

Product

Sparx Pro Cloud Server

External References

https://sparxsystems.com/products/procloudserver/6.1/history.html

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment