CVE-2025-28357

Name of the Vulnerable Software and Affected Versions Neto CMS versions 6.313.0 through 6.314.0

Description A CRLF injection flaw exists in Neto CMS. This issue allows attackers to potentially execute arbitrary code by submitting a specially crafted HTTP request. The vulnerability is due to insufficient input validation, specifically regarding carriage return and line feed characters.

Recommendations Update Neto CMS to a version newer than 6.314.0.