CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

May 9, 2025

CVE ID : CVE-2025-4375

Published : May 9, 2025, 6:15 a.m. | 25 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password.
This issue affects Pro Cloud Server: earlier than 6.0.165.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4376 – Sparx Systems Pro Cloud Server Cross-Site Scripting (XSS)

Next Article CVE-2025-3463 – “ASUS DriverHub HTTP Request Validation Vulnerability”

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

CVE-2025-0966 – IBM InfoSphere Information Server SQL Injection Vulnerability

Facebook exploit allowed attackers to remotely delete photos

CVE-2025-37823 – Linux Kernel Net-Sched HFSC Use-After-Free Vulnerability

Windows 11 25H2 Update: Minor Changes Expected in October 2025

BeyondTrust PRA connection takeover – CVE-2025-0217

CVE-2025-46777 – Fortinet FortiPortal Information Disclosure Vulnerability

Salesforce CEO says Microsoft did “pretty nasty” things to Slack and its OpenAI partnership may be a recipe for disaster

Proactive, Not Reactive – The Key to Inclusive and Accessible Design

Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands

CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

Related Posts