CVE-2025-5132

Name of the Vulnerable Software and Affected Versions Tmall Demo up to 20250505

Description A vulnerability was found in the processing of the file tmall/admin/account/logout, which leads to cross-site request forgery. The attack may be initiated remotely. The issue affects some unknown processing, and the exploit has been disclosed to the public.

Recommendations As a temporary workaround, consider disabling the logout processing endpoint until a fix is available. Restrict access to the tmall/admin/account/logout file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.