PT-2025-38792 · Unknown · Andy Moyle Emergency Password Reset
Nabil Irawan
·
Published
2025-09-22
·
Updated
2025-09-22
·
CVE-2025-57942
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
andy moyle Emergency Password Reset versions through 9.0
Description
A Cross-Site Request Forgery (CSRF) issue exists in andy moyle Emergency Password Reset, potentially allowing attackers to perform actions on behalf of authenticated users. This occurs due to insufficient protection against CSRF attacks.
Recommendations
Update andy moyle Emergency Password Reset to a version later than 9.0.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Andy Moyle Emergency Password Reset