High severity8.0NVD Advisory· Published Mar 10, 2025· Updated Jun 17, 2026
CVE-2025-27910
CVE-2025-27910
Description
tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allows attackers to execute arbitrary operations via a crafted GET or POST request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- tianti/tiantidescription
Patches
Vulnerability mechanics
References
1- github.com/xujeff/tianti/issues/39nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.