CVE-2025-8223

Medium CVSS: 5.3

A vulnerability, which was classified as problematic, was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. This affects an unknown part of the file AdminTypeCustController.java. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Vendor

Jerryshensjf

Product

Jpacookieshop

CWE

CWE-352

Yayın Tarihi

2025-07-27 05:15:31

Güncelleme

2025-10-31 19:19:33

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-352 Jpacookieshop MEDIUM Jerryshensjf 2025

Referanslar

https://github.com/Bemcliu/cve-reports/blob/main/cve-06-%E8%9B%8B%E7%B3%95%E5%95%86%E5%9F%8EJPA%E7%89%88-CSRF/readme.md https://vuldb.com/?ctiid.317811 https://vuldb.com/?id.317811 https://vuldb.com/?submit.621787

Benzer Kayıtlar

Medium

CVE-2025-8222

A vulnerability, which was classified as problematic, has been found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c…

Medium

CVE-2025-8221

A vulnerability classified as problematic was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f61…

Medium

CVE-2025-7939

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. It has been classified as critical. Affected is th…

Medium

CVE-2025-7938

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical. This issue affects the…