exploitDog

CVE-2025-25927

Опубликовано: 11 мар. 2025

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

A Cross-Site Request Forgery (CSRF) in Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary operations via a crafted GET request.

Ссылки

https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25927%20-%20CSRF%20via%20GET.md
Exploit
Third Party Advisory
https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25927%20-%20CSRF%20via%20GET.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openmrs:openmrs:2.4.3:build0ff0ed:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00047

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-mx4h-4r93-47mh

CVSS3: 6.8

github

11 месяцев назад

A Cross-Site Request Forgery (CSRF) in Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary operations via a crafted GET request.

EPSS

Процентиль: 15%

0.00047

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-352