CVE-2025-6106 | WuKongOpenSource WukongCRM 9.0 AdminRoleController.java cross-site request forgery

Inserito da Angelo Barbosa | Giu 15, 2025 | CVE

A vulnerability was found in WuKongOpenSource WukongCRM 9.0 and classified as problematic. This issue affects some unknown processing of the file AdminRoleController.java. The manipulation leads to cross-site request forgery.

The identification of this vulnerability is CVE-2025-6106. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-6106 | WuKongOpenSource WukongCRM 9.0 AdminRoleController.java cross-site request forgery

Post correlati

CVE-2024-7096 | WSO2 Open Banking IAM SOAP Admin Services authorization

CVE-2024-23558 | HCL DevOps Deploy/Launch session expiration (KB0111923)

CVE-2023-4225 | Chamilo LMS up to 1.11.24 exercise.ajax.php unrestricted upload

CVE-2025-37745 | Linux Kernel up to 6.12.23/6.13.11/6.14.2 compressor hibernate_compressor_param_set deadlock