Insufficient Password Complexity in Optimizely CMS
CVE-2025-22390

Currently unrated

Key Information:

Vendor: Optimizely

CVE Published: 4 January 2025

What is CVE-2025-22390?

A significant vulnerability in the Optimizely EPiServer.CMS.Core product has been identified, stemming from inadequate enforcement of password complexity requirements. The system allows users to create passwords with a minimum length of only 6 characters, which does not meet current security standards. This limitation exposes the application to various attack vectors, including password spraying and offline password cracking techniques that could compromise user accounts and sensitive data.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
