CVE-2025-22963 Information

Description

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.

Reference

https://blog.teedy.io/ https://github.com/sismics/docs/releases/tag/v1.11 https://github.com/sota70/teedy-v1.11-csrf