CVE-2025-6967

Name of the Vulnerable Software and Affected Versions Sarman Soft CMS versions through 10022026

Description The software contains an Execution After Redirect (EAR) issue that allows for JSON Hijacking, also known as JavaScript Hijacking, and Authentication Bypass. This flaw occurs due to improper handling of redirects, potentially leading to unauthorized access or actions. The vulnerability affects the CMS component.

Recommendations Versions through 10022026 should be updated when a fix becomes available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.