CVE-2025-31439

Name of the Vulnerable Software and Affected Versions tobias .MerZ Browser Caching with .htaccess versions 1.2.1 through n/a

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows Cross Site Request Forgery.

Recommendations For versions 1.2.1 and later, consider implementing proper CSRF token validation to prevent unauthorized requests. As a temporary workaround, consider restricting access to sensitive operations that could be exploited through CSRF attacks until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.