Severity: moderate Affected versions:
- Apache Fineract through 1.10.1 - Apache Fineract 1.11.0 unaffected Description: Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0. Users are encouraged to upgrade to version 1.13.0, the latest release. Credit: Peter Chen, PayPal Security (finder) Kristof Jozsa, BaaSFlow (analyst) References: https://fineract.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-23408
