PT-2025-15817 · Unknown · Mergado Pack

Nguyen Xuan Chien

Publicado

2025-04-09

Atualizado

2025-04-09

CVE-2025-32669

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Mergado Pack versions prior to 4.1.1

Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS.

Recommendations: For versions prior to 4.1.1, update to version 4.1.1 or later to resolve the issue.

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2025-32669

Mergado Pack