CVE-2025-5132
MEDIUMProject Team Tmall Demo < 2025-05-05 - Missing Authorization
Title source: ruleDescription
A vulnerability was found in Tmall Demo up to 20250505. It has been rated as problematic. This issue affects some unknown processing of the file tmall/admin/account/logout. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The vendor was contacted early about this disclosure but did not respond in any way.
Scores
CVSS v3
4.3
EPSS
0.0007
EPSS Percentile
20.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Classification
CWE
CWE-862
CWE-352
Status
published
Affected Products (1)
project_team/tmall_demo
< 2025-05-05
Timeline
Published
May 24, 2025
Tracked Since
Feb 18, 2026