CNNVD-202512-2401 Information
CNNVD ID
CNNVD-202512-2401
Related CVE
- CNNVD Published: 2025-12-12
Description (Chinese)
Japan Total System GroupSession Free edition等都是日本Japan Total System公司的一个企业协作软件。 Japan Total System多款产品存在跨站请求伪造漏洞,该漏洞源于跨站请求伪造问题,可能导致执行非预期操作。以下产品及版本受到影响:GroupSession Free edition 5.3.0之前版本、Japan Total System GroupSession byCloud 5.3.3之前版本和GroupSession ZION 5.3.2之前版本。
Description (English)
Papan Total System Group Session Free edict is a collaborative business software for Japan Total System. There is a breach of cross-site requests for forgery in the Jepan Total System multi-purpose product, which stems from the problem of cross-site requests for forgery and may lead to unintended operations. The following products and versions have been affected: pre-Groupsession Free Order 5.3.0, pre-Japan Total System Group Process by Cloud 5.3.3 and pre-Groupsession ZION 5.3.2.
Hazard Level
High
Vulnerability Type
跨站请求伪造
Affected Vendor
Japan Total System
Published
2025-12-12
Last Modified
2026-02-24
References
https://groupsession.jp/info/info-news/security20251208 https://jvn.jp/en/jp/JVN19940619/
Patch
https://groupsession.jp/dl/dl.html
Share on: