5 matches found
CVE-2025-25772
A Cross-Site Request Forgery CSRF in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request...
CVE-2025-25772
A Cross-Site Request Forgery CSRF in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request...
CVE-2025-25772
A Cross-Site Request Forgery CSRF in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request...
CVE-2025-25772
CVE-2025-25772 affects Jspxcms versions 9.0–9.5. A CSRF vulnerability in the /back/UserController.java component could allow an attacker to arbitrarily add Administrator accounts via a crafted request. The CVSS base score is 5.1 (Medium) with local attack vector, low attack complexity, and no use...
CVE-2025-25772
A Cross-Site Request Forgery CSRF in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request...