QwikSec

Security Database

CVE

CWE

Training

CVE-2025-13175

Published: Jan 14, 2026

Modified: Jan 14, 2026

PUBLISHED

Description

Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected scan workflow connector. This issue affects Y Soft SafeQ 6 in versions before MU106.

Vendor	Product	Versions
YSoft	SafeQ 6	affected `0 - < MU106`

Weaknesses (CWE)

References

https://www.ysoft.com/safeq

product

https://docs.ysoft.cloud/safeq6/latest/safeq6/release-notes-build-106

release-notes

https://cert.pl/en/posts/2026/01/CVE-2025-13175

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.