Jspxcms

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-25772 MEDIUM POC This Month

A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Java Jspxcms

NVD

CVSS 3.1

5.1

EPSS

0.0%

CVE-2025-25772

EPSS 0% CVSS 5.1

MEDIUM POC This Month

A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Java Jspxcms

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy