CVE-2025-68110
9.9CRITICALChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes
Published: 12/17/2025Updated: 12/18/2025
Description
ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes the issue.
AI AnalysisPowered by AI
Affected Products
churchcrmchurchcrm
References
- https://github.com/ChurchCRM/CRM/security/advisories/GHSA-82mq-xc2j-3qv2ExploitVendor Advisory
- https://github.com/ChurchCRM/CRM/security/advisories/GHSA-82mq-xc2j-3qv2ExploitVendor Advisory