CVE-2025-61547
Last modified
CVE-2025-61547 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Cross-Site Request Forgery (CSRF) is present on all functions in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). The application does not implement proper CSRF tokens or other other protective measures, allowing a remote attacker to trick authenticated users into unknowingly executing unintended actions within their session. EPSS estimates a 0.15% chance of exploitation in the next 30 days.
Description
Cross-Site Request Forgery (CSRF) is present on all functions in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). The application does not implement proper CSRF tokens or other other protective measures, allowing a remote attacker to trick authenticated users into unknowingly executing unintended actions within their session. This can lead to unauthorized data modification such as credential updates.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Edubusinesssolutions | Print Shop Pro Webdesk | 18.34 |
References
- https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2025-61547Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2025-61547?
How severe is CVE-2025-61547?
How do I fix CVE-2025-61547?
Are you affected by CVE-2025-61547?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST