CVE-2025-5521

Medium CVSS: 5.3

A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

5kcrm

Product

Wukongcrm

CWE

CWE-352

Yayın Tarihi

2025-06-03 19:15:40

Güncelleme

2025-06-09 15:12:57

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-352 Wukongcrm MEDIUM 5kcrm 2025

Referanslar

https://github.com/Aiyakami/CVE-1/issues/6 https://vuldb.com/?ctiid.310957 https://vuldb.com/?id.310957 https://vuldb.com/?submit.584636 https://github.com/Aiyakami/CVE-1/issues/6

Benzer Kayıtlar

Medium

CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file…

Medium

CVE-2025-60828

WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine in…

Medium

CVE-2025-8852

A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/u…