PT-2025-28862 · Unknown · Datasync Center
Published
2025-07-09
·
Updated
2025-08-06
·
CVE-2025-7379
CVSS v4.0
5.2
Medium
| Vector | AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
DataSync Center versions 1.1.0 through 1.1.0.r207
DataSync Center versions 1.2.0 through 1.2.0.r206
Description:
A security bypass issue allows exploitation via Reverse Tabnabbing, a type of phishing attack where attackers can manipulate the content of the original tab, leading to credential theft and other security risks.
Recommendations:
For DataSync Center versions 1.1.0 through 1.1.0.r207, update to a version after 1.1.0.r207 to resolve the issue.
For DataSync Center versions 1.2.0 through 1.2.0.r206, update to a version after 1.2.0.r206 to resolve the issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Datasync Center