Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
MOVEit Transfer Unverified Password Change Vulnerability - CVE-2025-11235 - Vulnerability Database
MOVEit Transfer

MOVEit Transfer Unverified Password Change Vulnerability - CVE-2025-11235

High
Reference: CVE-2025-11235
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-11235
Title: MOVEit Transfer Unverified Password Change Vulnerability
Overview:

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3 from 2023.0.0 before 2023.0.8 from 2022.1.0 before 2022.1.11 from 2022.0.0 before 2022.0.10.