Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/29 3:18 p.m.14 views

CVE-2025-59894

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 12:15 p.m.5 views

CVE-2025-59894

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/28 11:53 a.m.8 views

EUVD-2025-206493

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00124EPSS
Exploits0References1
CVE
CVE
added 2026/01/28 11:53 a.m.15 views

CVE-2025-59894

CVE-2025-59894 is a CSRF flaw affecting Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. The issue arises from missing CSRF token validation, enabling an authenticated attacker to induce other logged-in users to perform unintended actions, such as issuing a POST to delet...

8.5CVSS6AI score0.00124EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/01/28 11:53 a.m.30 views

CVE-2025-59894 Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS0.00124EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/28 11:53 a.m.3 views

CVE-2025-59894

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00124EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder