PatchSiren

Aptsys CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Aptsys CVE published 2026-01-23

CVE-2025-52023

CVE-2025-52023 is an information exposure vulnerability in the PHP backend of Gemscms, allowing unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces via specially crafted HTTP GET/POST requests to public API endpoints. This issue is classified under CWE-209: Information Exposure Through an Error Message.