CVE-2025-6105 | jflyfox jfinal_cms 5.0.1 HOME.java Logout cross-site request forgery

Inserito da Angelo Barbosa | Giu 15, 2025 | CVE

A vulnerability has been found in jflyfox jfinal_cms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads to cross-site request forgery.

This vulnerability was named CVE-2025-6105. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-6105 | jflyfox jfinal_cms 5.0.1 HOME.java Logout cross-site request forgery

Post correlati

CVE-2025-1873 | Mayuri K 101news 1.0 contactus.php pagedescription sql injection

CVE-2024-54439 | Alok Tiwari Amazon Product Price Plugin up to 1.1 on WordPress cross-site request forgery

CVE-2024-45880 | Motorola CX2L Router up to 1.0.2 Setting SetStationSettings command injection

CVE-2024-37741 | OpenPLC up to 9cd8f1b Profile Picture cross site scripting (Issue 242)