3 matches found
CVE-2025-3954
CVE-2025-3954 affects ChurchCRM 5.16.0, targeting an unknown functionality in the Referer Handler that enables server-side request forgery (SSRF). The issue can be triggered remotely over a network, with attack complexity rated HIGH and exploitation deemed difficult; multiple sources note the exp...
CVE-2025-3954 ChurchCRM Referer server-side request forgery
A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0. Affected by this issue is some unknown functionality of the component Referer Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The complexity of an attack ...
ChurchCRM 代码问题漏洞
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM version 5.16.0 that stems from a server-side request forgery in the Referer Handler component...