CVE-2025-59113 — Windu CMS implements weak client-side brute-force protection by using parameter loginError. Information about attempt count or timeout is not stored on the server, which allows a malicious attacker to — CVE Database · The Intelligence Room