CVE-2025-4210 – Casdoor SCIM User Creation Endpoint Authorization Bypass Vulnerability

May 2, 2025

CVE ID : CVE-2025-4210

Published : May 2, 2025, 4:15 p.m. | 34 minutes ago

Description : A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component SCIM User Creation Endpoint. The manipulation leads to authorization bypass. The attack can be initiated remotely. Upgrading to version 1.812.0 is able to address this issue. The name of the patch is 3d12ac8dc2282369296c3386815c00a06c6a92fe. It is recommended to upgrade the affected component.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleGrand Theft Auto 6 has been DELAYED — will now miss 2025 launch window entirely

Next Article Microsoft Bing is stealing tens of millions of Google’s search users according to the latest data

Highlights

CVE-2025-4026 – PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

April 28, 2025

CVE ID : CVE-2025-4026

Published : April 28, 2025, 4:15 p.m. | 2 hours, 50 minutes ago

Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument adminname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

‘No aggressive monetization’ — Nexus Mods’ new ownership responds to worried members

Build AI Agents That Run Your Day – While You Focus on What Matters

Build AI Agents That Run Your Day – While You Focus on What Matters

Faster Builds in Meteor 3.3: Modern Build Stack with SWC and Bundler Optimizations

How to Change Redirect After Login/Register in Laravel Breeze

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

CVE-2025-4210 – Casdoor SCIM User Creation Endpoint Authorization Bypass Vulnerability

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security

Gemini 2.5 Pro Preview: even better coding performance

CVE-2025-4481 – SourceCodester Apartment Visitor Management System SQL Injection Vulnerability

CVE-2025-49182 – Citrix Application Credentials Disclosure

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

CVE-2025-4026 – PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

Best of 2025 | Hotel Operations Solution in Singapore

How AlphaChip transformed computer chip design

CVE-2025-4219 – WordPress DPEPress Stored Cross-Site Scripting

CVE-2025-4210 – Casdoor SCIM User Creation Endpoint Authorization Bypass Vulnerability

Related Posts