PT-2025-17010 · Verge3D · Verge3D
Nabil Irawan
·
Published
2025-04-17
·
Updated
2025-04-19
·
CVE-2025-39443
CVSS v3.1
4.3
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Verge3D
Nabil Irawan
·
Published
2025-04-17
·
Updated
2025-04-19
·
CVE-2025-39443
4.3
Medium
| Base vector | Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Verge3D versions prior to 4.9.0
Description:
The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows Cross Site Request Forgery.
Recommendations:
For versions prior to 4.9.0, update to version 4.9.0 or later to resolve the issue.
Fix
CSRF