CNNVD-202510-3535 Information
Oct 27, 2025
cve
CNNVD ID
CNNVD-202510-3535
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
Wimi Teamwork是美国Wimi公司的一个团队协作云平台。 Wimi Teamwork 7.38.17之前版本存在安全漏洞,该漏洞源于API未验证csrf_token字段值,可能导致跨站请求伪造攻击。
Description (English)
Wimi Teamwork is a team-based cloud platform for Wimi Corporation in the United States. The previous version of Wimi Teamwork 7.38.17 had a security loophole, which originated from the fact that API had not validated the csrf token field values, which could lead to cross-site requests for false attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Wimi
Published
2025-10-27
Last Modified
2026-02-24
References
https://www.wimi-teamwork.com/ https://www.vulncheck.com/advisories/wimi-teamwork-csrf https://www.wimi-teamwork.com/product-news/release-7-38/ https://access.redhat.com/security/cve/cve-2025-34133
Share on: