CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

May 21, 2025

CVE ID : CVE-2025-5033

Published : May 21, 2025, 6:15 p.m. | 2 hours, 26 minutes ago

Description : A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-57529 – Jeppesen JetPlanner Pro Cross Site Scripting Vulnerability

Next Article CVE-2025-5020 – Firefox for iOS URL Spoofing Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

Microsoft could ditch OpenAI’s high-stake for-profit talks: “Holding out is Microsoft’s nuclear option, and they are just making OpenAI sweat”

CVE-2025-50106 – Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition 2D Remote Takeover Vulnerability

The Elder Scrolls 4: Oblivion Remastered has already reached 4 million players in its first week

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

CVE-2025-30403 – Mvfst QUIC Heap Buffer Overflow

CVE-2025-4490 – Campcodes Online Food Ordering System SQL Injection Vulnerability

Smashing Animations Part 3: SMIL’s Not Dead Baby, SMIL’s Not Dead

Goodbye glare and hello details — Samsung’s anti-glare TV is on sale ahead of Prime Day

CVE-2025-5033 – XiaoBingby TeaCMS Cross-Site Request Forgery Vulnerability

Related Posts