CVE-2025-58013

Name of the Vulnerable Software and Affected Versions pebas CouponXxL versions through 4.5.0

Description A Cross-Site Request Forgery (CSRF) issue exists in pebas CouponXxL, potentially allowing Privilege Escalation. This occurs due to insufficient validation of requests, which could allow an attacker to perform actions on behalf of an authenticated user without their knowledge. The vulnerability could be exploited by crafting a malicious web request that, when triggered (e.g., through a link or image tag), performs unauthorized actions on the targeted application.

Recommendations Update pebas CouponXxL to a version beyond 4.5.0.