Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025
The feature to manage resources is prone to Cross-Site Request Forgery attacks
CVE-2025-13871
Description
Cross-Site Request Forgery (CSRF) in the resource-management feature of
ObjectPlanet Opinio 7.26 rev12562
allows to upload files on behalf of the connected users and then access such files without authentication.
Affected products
2- Range: = 7.26 rev12562
- ObjectPlanet/Opiniov5Range: 7.26 rev12562
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.objectplanet.com/opinio/changelog.htmlmitrerelease-notes
News mentions
0No linked articles in our index yet.