CVE-2025-24875 | SAP Commerce COM_CLOUD 2211/HY_COM 2205 Setting cross-site request forgery

Inserito da Angelo Barbosa | Feb 11, 2025 | CVE

A vulnerability was found in SAP Commerce COM_CLOUD 2211/HY_COM 2205. It has been rated as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery.

The identification of this vulnerability is CVE-2025-24875. The attack may be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-24875 | SAP Commerce COM_CLOUD 2211/HY_COM 2205 Setting cross-site request forgery

Post correlati

CVE-2025-23394 | SUSE openSUSE Tumbleweed 2.5.0-1.1 cyrus-imapd symlink

CVE-2024-54453 | Kurmi Provisioning Suite up to 7.9.0.34/7.10.0.18/7.11.0.15 DocServlet path traversal

CVE-2025-24635 | Paytm Payment Donation Plugin up to 2.3.1 on WordPress cross site scripting

CVE-2025-0135 | Palo Alto GlobalProtect App/GlobalProtect UWP App up to 6.0.0/6.1.0/6.2.7/6.3.2 on macOS privileges assignment