PT-2025-6891 · Pix · Pix Software Vivaz
Stux
+1
·
Published
2025-02-15
·
Updated
2025-02-16
·
CVE-2025-1358
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Pix Software Vivaz version 6.0.10
Description:
A problematic vulnerability was found in Pix Software Vivaz, affecting unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Recommendations:
For Pix Software Vivaz version 6.0.10, as a temporary workaround, consider restricting access to sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authorization
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Pix Software Vivaz