CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

May 21, 2025

CVE ID : CVE-2025-5033

Published : May 21, 2025, 6:15 p.m. | 2 hours, 26 minutes ago

Description : A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-57529 – Jeppesen JetPlanner Pro Cross Site Scripting Vulnerability

Next Article CVE-2025-5020 – Firefox for iOS URL Spoofing Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

SteamOS is officially not just for Steam Deck anymore — now ready for Lenovo Legion Go S and sort of ready for the ROG Ally

Microsoft’s latest AI model can accurately forecast the weather: “It doesn’t know the laws of physics, so it could make up something completely crazy”

OpenAI scientists wanted “a doomsday bunker” before AGI surpasses human intelligence and threatens humanity

My favorite gaming service is 40% off right now (and no, it’s not Xbox Game Pass)

A timeline of JavaScript’s history

A timeline of JavaScript’s history

Loading JSON Data into Snowflake From Local Directory

Streamline Conditional Logic with Laravel’s Fluent Conditionable Trait

SteamOS is officially not just for Steam Deck anymore — now ready for Lenovo Legion Go S and sort of ready for the ROG Ally

SteamOS is officially not just for Steam Deck anymore — now ready for Lenovo Legion Go S and sort of ready for the ROG Ally

Microsoft’s latest AI model can accurately forecast the weather: “It doesn’t know the laws of physics, so it could make up something completely crazy”

OpenAI scientists wanted “a doomsday bunker” before AGI surpasses human intelligence and threatens humanity

CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47535 – Opal Woo Custom Product Variation Path Traversal

CVE-2025-4744 – Apache Employee Record System Cross-Site Scripting Vulnerability

CVE-2024-58250 – ppp Passprompt Privilege Escalation Vulnerability

Laravel Log Files Support in PhpStorm

Why Security Audits Are Important

Operation FishMedley

OpenAI and Color Health partner to accelerate cancer treatment

Black Friday Deals for Designers and Agencies

10 Facts you probably didn’t know about Windows as Microsoft turns 50

CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

Related Posts