← volver
CVE-2025-55744

UnoPim vulnerable to CSRF on Product edit feature and creation of other types

CVSS 6.9 MEDIUMEPSS 0.1%CWE-352
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery (CSRF). This vulnerability is fixed in 0.2.1.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
Productos afectados
unopim · unopim

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://drive.proton.me/urls/VXNDKQ4WKR#LpvE777hl8OJhttps://github.com/unopim/unopim/security/advisories/GHSA-287x-6r2h-f9mw