CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

May 21, 2025

CVE ID : CVE-2025-5033

Published : May 21, 2025, 6:15 p.m. | 2 hours, 26 minutes ago

Description : A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-57529 – Jeppesen JetPlanner Pro Cross Site Scripting Vulnerability

Next Article CVE-2025-5020 – Firefox for iOS URL Spoofing Vulnerability

Anthropic proposes transparency framework for frontier AI development

Sonatype Open Source Malware Index, Gemini API Batch Mode, and more – Daily News Digest

15 Top Node.js Development Service Providers for Large Enterprises in 2026

Droip: The Modern Website Builder WordPress Needed

The gaming headset I use every day is slashed to its lowest price ever thanks to Amazon Prime Day — “stellar battery life” awaits

How passkeys work: The complete guide to your inevitable passwordless future

This Sony OLED TV is my pick for best Prime Day deal – and it’s the last chance to get 50% off

Blizzard announces release date for World of Warcraft: The War Within’s 3rd major content patch — a patch that will feature the largest, city-sized raid boss in MMORPG history

Top PHP Projects for B.Tech Students: Learn Real Skills with PHPGurukul Projects

Top PHP Projects for B.Tech Students: Learn Real Skills with PHPGurukul Projects

Deno 2.4: deno bundle is back

From Silos to Synergy: Accelerating Your AI Journey

The gaming headset I use every day is slashed to its lowest price ever thanks to Amazon Prime Day — “stellar battery life” awaits

The gaming headset I use every day is slashed to its lowest price ever thanks to Amazon Prime Day — “stellar battery life” awaits

Blizzard announces release date for World of Warcraft: The War Within’s 3rd major content patch — a patch that will feature the largest, city-sized raid boss in MMORPG history

Microsoft recently raised the price of the Xbox Series S, but these retailers just dropped it back down again — close to the old price, but not for long

CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

CVE-2025-49697 – Microsoft Office Heap Buffer Overflow Vulnerability

CVE-2025-49701 – Microsoft Office SharePoint Cross-Site Scripting (XSS)

Experiment with Gemini 2.0 Flash native image generation

CVE-2025-46080 – HuoCMS File Upload Bypass Vulnerability

How Multilingual AI Agents Are Making Shopping Seamless Across the Globe🛒

CISA Warns of D-Link Path Traversal Vulnerability Exploited in Attacks

The JavaScript trademark fight rumbles on

Qwen Researchers Proposes QwenLong-L1: A Reinforcement Learning Framework for Long-Context Reasoning in Large Language Models

Critical Flaws in Phoenix Contact EV Charging Controllers Expose Infrastructure to Remote Code Execution and Unauthorized Access

CVE-2025-4999 – Linksys FGW3000 HTTP POST Request Handler Command Injection Vulnerability

CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

Related Posts