PT-2025-49879 · Unknown · Dimitri Grassi Salon Booking System

Published

2025-12-09

Updated

2025-12-15

CVE-2025-66531

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Dimitri Grassi Salon booking system versions through 10.30.3

Description The Salon booking system is susceptible to a Cross-Site Request Forgery (CSRF) issue. This allows an attacker to potentially perform actions on behalf of an authenticated user without their knowledge.

Recommendations Versions prior to and including 10.30.3 should be updated.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-66531

Affected Products

Dimitri Grassi Salon Booking System

PT-2025-49879 · Unknown · Dimitri Grassi Salon Booking System

CVE-2025-66531

Weakness Enumeration

Related Identifiers

Affected Products

References · 4