PT-2025-43989 · Bae Systems · Socet Gxp
Published 2025-10-27 · Updated 2025-10-27 · CVE-2025-54969
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions
BAE SOCET GXP versions prior to 4.6.0.2
Description
The SOCET GXP Job Status Service lacks Cross-Site Request Forgery (CSRF) protections. An attacker could trick a legitimate user into unknowingly submitting requests to the Job Status Service by way of a malicious link or website. This could allow the attacker to perform actions as the user without their consent.
Recommendations
Update BAE SOCET GXP to version 4.6.0.2 or later.
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Socet Gxp