CVE-2025-9747
Koillection vulnerability CVE-2025-9747 affects versions up to 1.6.18 due to an unknown function in assets/controllers/csrf_protection_controller.js, enabling cross-site request forgery. The issue can be exploited remotely, and the exploit has been disclosed publicly. A fix is available in versio...