CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

May 9, 2025

CVE ID : CVE-2025-4375

Published : May 9, 2025, 6:15 a.m. | 25 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password.
This issue affects Pro Cloud Server: earlier than 6.0.165.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4376 – Sparx Systems Pro Cloud Server Cross-Site Scripting (XSS)

Next Article CVE-2025-3463 – “ASUS DriverHub HTTP Request Validation Vulnerability”

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Open Source MCP: Powering Scalable Test Automation

Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025

Microsoft ends 25-year presence in Pakistan, shifts to reseller model

CVE-2025-41649 – Cisco Craft Router Buffer Overflow Vulnerability

CVE-2025-7479 – PHPGurukul Vehicle Parking Management System SQL Injection

Rilasciato Scrcpy 3.2: il potente strumento open source per controllare il tuo Android dal computer

CVE-2024-13451 – Bit Form Contact Form Sensitive Information Exposure

The Razer Blade 14 got the AI laptop treatment with less weight, more ports and speakers, and two colors

CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

Related Posts