CVE-2025-65840

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-65840

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65840.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-65840

Published

2025-12-01T21:15:52.320Z

Modified

2026-03-14T12:45:50.432808Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the CkEditorAdminController.

References

Affected packages

Git / github.com/sanluan/publiccms

Affected ranges

Type

GIT

Repo

https://github.com/sanluan/publiccms

Events

Introduced

Last affected

59479f0374d48903f5678280c7ae4a46f5e94f8d

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.202506.b"
        }
    ]
}

Affected versions

Other

V2016

V4.*

V4.0.180707

V4.0.181024

V4.0.190312

V4.0.202004

V4.0.202011

V4.0.202107

V4.0.202107.b

V4.0.202107.c

V4.0.202107.d

V4.0.202107.f

V4.0.202204.a

V4.0.202204.b

V4.0.202204.c

V4.0.202204.d

V4.0.202302.a

V4.0.202302.b

V4.0.202302.c

V4.0.202302.d

V4.0.202302.e

V4.0.202302.f

V4.0.202406.a

V4.0.202406.b

V4.0.202406.c

V4.0.202406.d

V4.0.202406.e

V4.0.202406.f

V4.0.202506.a

V4.0.202506.b

V4.0.202506.c

V4.0.202506.d

V5.*

V5.202302.a

V5.202302.b

V5.202302.c

V5.202302.d

V5.202302.e

V5.202302.f

V5.202406.a

V5.202406.b

V5.202406.c

V5.202406.d

V5.202406.e

V5.202406.f

V5.202506.a

V5.202506.b

V5.202506.c

V5.202506.d

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65840.json"