CVE-2025-58576

Medium CVSS: 5.1

Cross-site request forgery vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If a user accesses a malicious page while logged in, unintended operations may be performed.

Vendor

Groupsession

Product

Groupsession

CWE

CWE-352

Yayın Tarihi

2025-12-12 05:16:07

Güncelleme

2026-01-23 02:22:17

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-352 Groupsession MEDIUM Groupsession 2025

Referanslar

https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/

Benzer Kayıtlar

Medium

CVE-2025-65120

Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud…

Medium

CVE-2025-66284

Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud p…

Medium

CVE-2025-64781

In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to v…

Medium

CVE-2025-62192

SQL Injection vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.…

Medium

CVE-2025-54407

Stored cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud pr…

Medium

CVE-2025-57883

Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud…