CVE-2025-52493: When Password FieldsAren’t Enough – Client-Side SecretExposure in PagerDuty Cloud Runbook
By Mario Bartolome & Carter Ross During a recent Red Team engagement, our team at Praetorian discovered a vulnerability in PagerDuty Cloud Runbook that highlights a fundamental security principle: never trust the client with secrets. In this blog, we share details about CVE-2025-52493, a medium-severity vulnerability that exposed stored secrets to authenticated administrators through simple […]