CVE-2025-56748 — Creativeitem Academy LMS up to and including 5.13 uses predictable password reset tokens based on Base64 encoded templates without rate limiting, allowing brute force attacks to guess valid reset toke — CVE Database · The Intelligence Room