CVE-2025-28355 Information

Description

Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none

Reference

https://github.com/abbisQQ/CVE-2025-28355/tree/main https://github.com/Volmarg/personal-management-system https://github.com/Volmarg/personal-management-system/issues/149