CVE-2025-5422: Improper Access Controls in juzaweb CMS
A vulnerability, which was classified as problematic, was found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/logs/email of the component Email Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-5422 is a medium-severity vulnerability affecting juzaweb CMS versions up to 3.4.2. The flaw resides in the Email Logs Page component, specifically the /admin-cp/logs/email route, where improper access controls allow remote attackers who are not entitled to the email logs to view that data. The vulnerability requires no user interaction and can be exploited remotely over the network with low attack complexity. The CVSS 4.0 vector indicates low privileges required (PR:L, i.e. a low-privileged account rather than an administrator), no special attack requirements (AT:N), no user interaction (UI:N), and limited impact on confidentiality (VC:L) with no impact on integrity or availability. The vendor was contacted but has not responded or issued a patch, and exploit details have been publicly disclosed, increasing the risk of exploitation. Although no exploitation is currently observed in the wild, the public disclosure and lack of vendor response elevate the threat level. The vulnerability could allow attackers to view sensitive email logs, potentially exposing confidential information or enabling further reconnaissance and targeted attacks against the CMS or its users.
Potential Impact
For European organizations using juzaweb CMS, this vulnerability poses a risk of unauthorized disclosure of email logs, which may contain sensitive information such as email addresses, communication metadata, or internal system notifications. Exposure of such data can lead to privacy violations under GDPR, reputational damage, and facilitate phishing or social engineering attacks. Since juzaweb CMS is used by various organizations for website management, including potentially SMEs and public sector entities, the improper access control could undermine trust and operational security. The lack of vendor patching increases the urgency for organizations to implement compensating controls. The medium severity suggests limited direct system compromise but significant confidentiality concerns, especially in regulated industries or sectors handling personal data.
Mitigation Recommendations
Given the absence of an official patch, European organizations should immediately audit their juzaweb CMS installations to identify affected versions (3.4.0 to 3.4.2). Mitigation steps include restricting access to the /admin-cp/logs/email endpoint via network-level controls such as IP whitelisting or VPN-only access, implementing web application firewall (WAF) rules to detect and block unauthorized access attempts, and monitoring logs for suspicious activity targeting the email logs page. Organizations should consider disabling or restricting the Email Logs Page functionality if feasible. Additionally, applying strict role-based access controls within the CMS and ensuring that administrative interfaces are not exposed to the public internet can reduce exposure. Regular backups and monitoring for unusual data access patterns are recommended. Finally, organizations should maintain communication with the vendor for updates and consider alternative CMS platforms if timely patches are not forthcoming.
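A log-monitoring check for the mitigation above, as an added example that is not part of the original advisory: it parses web-server access-log lines in the common/combined format and flags any request to /admin-cp/logs/email from a source outside an assumed admin allowlist, distinguishing a successful read (the control failed) from a blocked probe. The allowlist networks and the sample log lines are constructed.

```python
import ipaddress
import re
from dataclasses import dataclass

# Assumed allowlist: networks from which admin access is expected (VPN range, office NAT).
ADMIN_ALLOWLIST = [ipaddress.ip_network("10.8.0.0/24"), ipaddress.ip_network("203.0.113.5/32")]

# Endpoint named in the advisory; prefix match also catches query strings and sub-paths.
SENSITIVE_PREFIX = "/admin-cp/logs/email"

# Common/combined log format as written by nginx and Apache by default.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r"(?P<status>\d{3}) (?P<size>\S+)"
)

@dataclass
class Alert:
    ip: str
    ts: str
    path: str
    status: int
    reason: str

def ip_allowed(ip: str) -> bool:
    """True if the client address lies inside one of the allowlisted networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable address is never trusted
    return any(addr in net for net in ADMIN_ALLOWLIST)

def scan_access_log(lines):
    """Return one Alert per request to the email-log endpoint from a non-allowlisted source.
    A 2xx response to such a source means the access control failed and log data was served."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        path = m.group("path").split("?", 1)[0]  # strip query string before matching
        if not path.startswith(SENSITIVE_PREFIX) or ip_allowed(m.group("ip")):
            continue
        status = int(m.group("status"))
        reason = "email logs served to non-allowlisted source" if 200 <= status < 300 else "probe of email log endpoint"
        alerts.append(Alert(m.group("ip"), m.group("ts"), path, status, reason))
    return alerts

# Constructed sample lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '10.8.0.12 - - [02/Jun/2025:01:14:28 +0000] "GET /admin-cp/logs/email HTTP/1.1" 200 5120',
    '198.51.100.77 - - [02/Jun/2025:01:15:02 +0000] "GET /admin-cp/logs/email?page=2 HTTP/1.1" 200 4877',
    '198.51.100.77 - - [02/Jun/2025:01:15:03 +0000] "GET /admin-cp/dashboard HTTP/1.1" 302 0',
    '192.0.2.9 - - [02/Jun/2025:01:16:40 +0000] "GET /admin-cp/logs/email HTTP/1.1" 403 150',
]
```

Run `scan_access_log(SAMPLE_LOG)` to see two alerts: the served request from 198.51.100.77 and the blocked probe from 192.0.2.9, while the allowlisted VPN client is ignored.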
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-06-01T10:47:49.526Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 683cfaf4182aa0cae22cbd7a
Added to database: 6/2/2025, 1:14:28 AM
Last enriched: 7/9/2025, 1:11:49 PM
Last updated: 8/18/2025, 11:30:45 PM