CVE-2025-50255 | THREATINT

Description

Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22 via crafted GET request.

PUBLISHED Reserved 2025-06-16 | Published 2025-09-18 | Updated 2025-09-18 | Assigner mitre

HIGH: 7.8CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:R

References

gitlab.com/...g_CSRF_Protection_in_Smartvista-BackOffice.pdf exploit

gitlab.com/...g_CSRF_Protection_in_Smartvista-BackOffice.pdf

cve.org (CVE-2025-50255)

nvd.nist.gov (CVE-2025-50255)

Download JSON

help @ threatint.eu