CVE-2025-52892

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/espocrm/espocrm/commit/929611f317ce8892ea75873b0ab3094c0c510ff3", "name": "https://github.com/espocrm/espocrm/commit/929611f317ce8892ea75873b0ab3094c0c510ff3", "tags": [], "refsource": ""}, {"url": "https://github.com/espocrm/espocrm/security/advisories/GHSA-26x2-6wch-j8pf", "name": "https://github.com/espocrm/espocrm/security/advisories/GHSA-26x2-6wch-j8pf", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "EspoCRM is a web application with a frontend designed as a single-page application and a REST API backend written in PHP. In versions 9.1.6 and below, if a user loads Espo in the browser with double slashes (e.g https://domain//#Admin) and the webserver does not strip the double slash, it can cause a corrupted Slim router's cache. This will make the instance unusable until there is a completed rebuild. This is fixed in version 9.1.7."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-444"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-52892", "ASSIGNER": "security-advisories@github.com"}}, "impact": {}, "publishedDate": "2025-08-05T01:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-05T01:15Z"}