Severity: low Affected versions:
- Apache Fineract through 1.11.0 - Apache Fineract 1.12.1 unaffected Description: Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release. Credit: Peter Chen (reporter) Jose Alberto Hernandez (remediation developer) Ádám Sághy (remediation reviewer) References: https://fineract.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-58130
