CVE-2025-22347

Name of the Vulnerable Software and Affected Versions BSK Forms Blacklist versions n/a through 3.9

Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that allows Blind SQL Injection. This means an attacker can trick a user into performing unintended actions on a web application, potentially leading to the extraction of sensitive data from the database without the user's knowledge.

Recommendations For versions n/a through 3.9, update to a version later than 3.9 to resolve the issue. As a temporary workaround, consider restricting access to sensitive BSK Forms Blacklist functionalities until a patch is available. Avoid using the BSK Forms Blacklist module in critical operations until the issue is resolved.