CVE-2025-55744

EUVD-2025-25449
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery (CSRF). This vulnerability is fixed in 0.2.1.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
webkulunopim
𝑥
< 0.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://drive.proton.me/urls/VXNDKQ4WKR#LpvE777hl8OJ
https://github.com/unopim/unopim/security/advisories/GHSA-287x-6r2h-f9mw