CVE-2025-56710
published 2025-09-15CVE-2025-56710: A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. This…
high7.3CVSS 3.1
AVLACLPRNUINSUCHILAL
A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. This flaw allows an attacker to trick authenticated users into unintentionally modifying their account details. By crafting a malicious HTML page, an attacker can submit unauthorized requests to the vulnerable endpoint: /create-class.php.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | azl3_kernel_6.6.64.2-9_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.76.1-1_on_azure_linux_3.0 | — | — |
| phpgurukul | student_result_management_system | — | — |