CVE-2025-4375

Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password. 
This issue affects Pro Cloud Server: earlier than 6.0.165.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
NCSC-FICNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Common Weakness Enumeration
References
https://sparxsystems.com/products/procloudserver/6.1/