Security Advisory

CVE-2025-25772

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-21 00:00:00

Last updated 2025-02-21 21:09:45

Assigner mitre

State PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request.

← Browse all CVEs View on cve.org ↗