Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2.0 allow remote authenticated, low-privileged users to carry out administrative functions and manipulate data of other users via unauthorized API calls.Referenceshttps://www.adata.de/mitarbeiter-portal/https://no-sec.net/posts/cve-2025-61075/
