CVE-2025-60535

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

EUVD-2025-34263

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

CVE-2025-60535

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

CVE-2025-60535

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

PT-2025-42158

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

CVE-2025-60535

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

Wallos 安全漏洞

Wallos is an open source personal subscription tracker by the individual developer Miguel Ribeiro. A security vulnerability exists in Wallos version 4.1.1, which stems from an unvalidated cross-site request in component/endpoints/currency/currency that could lead to the execution of arbitrary...

CVE-2025-60535

A Cross-Site Request Forgery CSRF in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request...

CVE-2025-60535

Wallos v4.1.1 contains a CSRF in the component /endpoints/currency/currency that could allow an attacker to perform arbitrary operations via a crafted GET request. The CVE-2025-60535 entry consistently describes this CSRF as the underlying issue; Red Hat and ENISA/EUVD mirrors also reference the ...