A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://gitee.com/xiaobingby/TeaCMS/issues/IBYRPK | Exploit Issue Tracking |
https://vuldb.com/?ctiid.309853 | Permissions Required VDB Entry |
https://vuldb.com/?id.309853 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.580729 | Third Party Advisory VDB Entry |
https://gitee.com/xiaobingby/TeaCMS/issues/IBYRPK | Exploit Issue Tracking |
Configurations
History
20 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
First Time |
Teacms Project
Teacms Project teacms |
|
CPE | cpe:2.3:a:teacms_project:teacms:2.0.2:*:*:*:*:*:*:* | |
References | () https://gitee.com/xiaobingby/TeaCMS/issues/IBYRPK - Exploit, Issue Tracking | |
References | () https://vuldb.com/?ctiid.309853 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.309853 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.580729 - Third Party Advisory, VDB Entry |
21 May 2025, 19:16
Type | Values Removed | Values Added |
---|---|---|
References | () https://gitee.com/xiaobingby/TeaCMS/issues/IBYRPK - |
21 May 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-21 18:15
Updated : 2025-06-20 16:15
NVD link : CVE-2025-5033
Mitre link : CVE-2025-5033
CVE.ORG link : CVE-2025-5033
JSON object : View
Products Affected
teacms_project
- teacms