CNNVD-202508-1169 Information

Aug 12, 2025 cve

CNNVD ID

CNNVD-202508-1169

CVE-2025-49555

  • CNNVD Published: 2025-08-12

Description (Chinese)

Adobe Commerce是美国奥多比(Adobe)公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce存在跨站请求伪造漏洞,该漏洞源于容易受到跨站请求伪造攻击,可能导致权限提升。以下版本受到影响:2.4.9-alpha1版本、2.4.8-p1版本、2.4.7-p6版本、2.4.6-p11版本、2.4.5-p13版本、2.4.4-p14版本及之前版本。

Description (English)

Adobe Commerce is the leading global digital business solution for both business and brands in Adobe, United States. Adobe Commerce has a false loophole in cross-site requests, which arises from the vulnerability of cross-site requests to false attacks, which may lead to increased authority. The following versions were affected: 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier.

Hazard Level

Medium

Vulnerability Type

跨站请求伪造

Affected Vendor

奥多比

Published

2025-08-12

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/magento/apsb25-71.html

Patch

https://helpx.adobe.com/security/products/magento/apsb25-71.html

Share on: