CNNVD-202510-1773 Information

CNNVD ID

CNNVD-202510-1773

Related CVE

CVE-2025-60535

• CNNVD Published: 2025-10-14

Description (Chinese)

Wallos是Miguel Ribeiro个人开发者的一个开源个人订阅跟踪器。 Wallos 4.1.1版本存在安全漏洞，该漏洞源于组件/endpoints/currency/currency未验证跨站请求，可能导致执行任意操作。

Description (English)

Wallace is an open-source personal subscription tracker for Miguel Ribeiro personal developers. There is a security loophole in the Wallos 4.1.1 version, which stems from the failure of the component/endpoints/currency/currency to verify a cross-site request, which may result in the performance of an arbitrary operation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-14

Last Modified

2026-02-24

References

http://wallos.com https://github.com/vityuasd/VulList/blob/main/CVE-2025-60535.md https://github.com/ellite/Wallos/ https://access.redhat.com/security/cve/cve-2025-60535