Unrated severityNVD Advisory· Published Mar 3, 2025· Updated Mar 4, 2025
CVE-2025-25967
CVE-2025-25967
Description
Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery (CSRF). This flaw enables attackers to trick authenticated users into performing unauthorized actions, such as account deletion or user creation, by embedding malicious requests in external content. The lack of CSRF protections allows exploitation via crafted requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Acora/Acora CMSdescription
- Range: = 10.1.1
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.