How to fix CVE-2025-61547?

Within 30 days: Identify affected systems running edu Business Solutions Print Shop Pro WebDesk and apply vendor patches as part of regular patch cycle. Verify anti-CSRF tokens are enforced.

Is Print Shop Pro Webdesk affected by CVE-2025-61547?

Organizations using edu Business Solutions Print Shop Pro WebDesk should be aware of notable risk from CVE-2025-61547, a cross-site request forgery vulnerability rated CVSS 6.8. Users could be tricked into performing unintended actions. Proof-of-concept code is publicly available.

CVE-2025-61547

MEDIUM

2026-01-08 [email protected]

6.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 10, 2026 - 18:16 vuln.today

Public exploit code

CVE Published

Jan 08, 2026 - 17:15 nvd

MEDIUM 6.8

Description

Cross-Site Request Forgery (CSRF) is present on all functions in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). The application does not implement proper CSRF tokens or other other protective measures, allowing a remote attacker to trick authenticated users into unknowingly executing unintended actions within their session. This can lead to unauthorized data modification such as credential updates.

Analysis

Print Shop Pro Webdesk versions up to 18.34 is affected by cross-site request forgery (csrf) (CVSS 6.8).

Technical Context

This vulnerability (CWE-352: Cross-Site Request Forgery (CSRF)) affects Print Shop Pro Webdesk. Cross-Site Request Forgery (CSRF) is present on all functions in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). The application does not implement proper CSRF tokens or other other protective measures, allowing a remote attacker to trick authenticated users into unknowingly executing unintended actions within their session. This can lead to unauthorized data modification such as credential updates.

Affected Products

Vendor: Edubusinesssolutions. Product: Print Shop Pro Webdesk. Versions: up to 18.34.

Remediation

Fixed in version 19.76. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +34

POC: +20

CVE-2025-61547 vulnerability details – vuln.today

Back

CVE-2025-61547

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-61547

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code