cvedb.io
CVE-2025-28355
MEDIUM · CVSS 4.7
EPSS exploitation probability: 0%
Published 2025-04-18T19:15:45.640 · Last modified 2026-06-17T09:04:42.177

Summary

Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none

Affected products

personal-management-system — personal_management_system

Does this affect you?

Add your gear to cvedb and we'll alert you only when personal-management-system ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.