Home

Description

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints.

PUBLISHED Reserved 2025-10-27 | Published 2025-11-07 | Updated 2025-11-07 | Assigner mitre

References

www.sourcecodester.com/...ing-php-and-mysql-source-code.html

github.com/...earch-2025/blob/main/CVE-2025-63716/README5.md

cve.org (CVE-2025-63716)

nvd.nist.gov (CVE-2025-63716)

Download JSON