3 matches found
CVE-2025-3954 ChurchCRM Referer server-side request forgery
A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0. Affected by this issue is some unknown functionality of the component Referer Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The complexity of an attack ...
CVE-2025-3954
CVE-2025-3954 affects ChurchCRM 5.16.0, targeting an unknown functionality in the Referer Handler that enables server-side request forgery (SSRF). The issue can be triggered remotely over a network, with attack complexity rated HIGH and exploitation deemed difficult; multiple sources note the exp...
ChurchCRM 代码问题漏洞
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM version 5.16.0 that stems from a server-side request forgery in the Referer Handler component...