CVE-2025-28355
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-28355
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-28355.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-28355
- Published
- 2025-04-18T19:15:45Z
- Modified
- 2025-06-21T06:00:47.754550Z
- Summary
- [none]
- Details
-
Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none
- References
Affected packages
Git / github.com/volmarg/personal-management-system
Affected ranges
- Type
- GIT
- Repo
- https://github.com/volmarg/personal-management-system
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.19
1.31.1
Beta1.*
Beta1.2
Beta1.3
Beta1.4
beta1.*
beta1.0
beta1.1
v1.*
v1.0
v1.01
v1.02
v1.021
v1.1
v1.11
v1.12
v1.13
v1.14
v1.15
v1.16
v1.17
v1.17.1
v1.17.2
v1.17.3
v1.17.4
v1.17.5
v1.17.6
v1.17.7
v1.18
v1.18.1
v1.18.2
v1.18.3
v1.18.4
v1.18.5
v1.18.6
v1.18.7
v1.18.8
v1.18.9
v1.20
v1.20.1
v1.20.2
v1.20.3
v1.20.4
v1.20.5
v1.20.6
v1.20.7
v1.20.8
v1.20.8.1
v1.20.8.2
v1.20.8.3
v1.20.8.4
v1.20.8.5
v1.21
v1.22
v1.23
v1.3
v1.31
v1.3a.1
v1.4
v1.4.01
v1.4.1
v1.4.2
v1.4.21
v1.4.22
v1.4.23
v1.4.24
v1.4.25
v1.4.30
v1.4.31
v1.4.4
v1.4.41
v1.4.42
v1.4.43
v1.4.44
v1.4.45
v1.4.46
v1.4.50
v1.4.51
v1.4.52
v1.4.6
v1.4.61
v1.4.62
v1.4.63
v1.4.64
v1.4.65