CVE-2025-6476

MEDIUM

Oretnom23 Gym Management System - Missing Authorization

Title source: rule

Description

A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

References (5)

Scores

CVSS v3 4.3
EPSS 0.0008
EPSS Percentile 23.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Classification

CWE
CWE-862 CWE-352
Status published

Affected Products (1)

oretnom23/gym_management_system

Timeline

Published Jun 22, 2025
Tracked Since Feb 18, 2026