2 matches found
CVE-2025-54598
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...
CVE-2025-54598
Bevy Event service (as used for eBay Seller Events) up to 2025-07-22 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that enables an attacker to delete all notifications via the /notifications/delete/ endpoint. Root cause is CSRF on the notification-deletion path; impact is parti...