CVE-2025-4210 | Casdoor up to 1.811.0 SCIM User Creation Endpoint controllers/scim.go HandleScim authorization

Inserito da Angelo Barbosa | Mag 2, 2025 | CVE

A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component SCIM User Creation Endpoint. The manipulation leads to authorization bypass.

This vulnerability was named CVE-2025-4210. The attack can be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-4210 | Casdoor up to 1.811.0 SCIM User Creation Endpoint controllers/scim.go HandleScim authorization

Post correlati

CVE-2025-22585 | themebon Ultimate Image Hover Effects Plugin up to 1.1.2 on WordPress cross site scripting

CVE-2024-38765 | Oceanic Plugin up to 1.0.48 on WordPress cross-site request forgery

CVE-2024-23648 | Pimcore admin-ui-classic-bundle up to 1.2.2 injection (GHSA-mrqg-mwh7-q94j)

CVE-2024-38792 | ConveyThis Translate Team Language Translate Widget Plugin up to 234 on WordPress authorization