216.73.216.133

CVE-2025-13871

· Published 02/12/2025 10:16 · Modified 04/12/2025 17:54

Labels: CVE-2025-13871 2025-12-0264c5ae8f-7972-4697-86a0-7ada793ac795CVE-2025-13871CWE-352

Essential information

Published
02/12/2025 10:16
Modified
04/12/2025 17:54
Author
Creator
CVSS
2.3 LOW (v3) 2.3 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Cross-Site Request Forgery (CSRF) in the resource-management feature of ObjectPlanet Opinio 7.26 rev12562 allows to upload files on behalf of the connected users and then access such files without authentication.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
64c5ae8f-7972-4697-86a0-7ada793ac795
NVD
View on NVD

Affected products (CPE)

ProductCPE
objectplanet / opinio cpe:2.3:a:objectplanet:opinio:7.26:*:*:*:*:*:*:*

References