EUVD-2026-18655

A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the publi...

📄 Casdoor 2.359.0 Cross Site Request Forgery

Casdoor version 2.359.0 suffers from a cross site request forgery vulnerability. This is an older vulnerability originally discovered in 2023 that they still have not addressed in later versions. Exploit Title: Casdoor 2.359.0 2026-03-18 - Cross-Site Request Forgery CSRF Application: Casdoor...

CVE-2022-38638

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...

Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Casdoor 2.55.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: 2.55.0 Date: 09/10/2025 Exploit Author: Van Lam Nguyen Facebook: vanlam1412 Vendor Homepage: https://casdoor.org/ Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v2.55.0.zip Tested on...

Casdoor 安全漏洞

Casdoor is an open source platform from Casdoor Open Source that supports multiple authentication and authorization protocols. A security vulnerability exists in Casdoor version 1.811.0 and prior versions that stems from an authorization bypass that could lead to unauthorized access...