Cross-Site Request Forgery Vulnerability in Tekrom Technology T-Soft E-Commerce
CVE-2025-13296

5.4MEDIUM

Key Information:

Vendor: Tekrom Technology Inc.
Status: T-soft E-commerce
Vendor: CVE Published:; 1 December 2025

🔔 Create Tekrom Technology Inc. Vulnerability Alert

What is CVE-2025-13296?

A Cross-Site Request Forgery (CSRF) vulnerability exists in Tekrom Technology Inc.'s T-Soft E-Commerce platform. This flaw allows unauthorized actions to be performed on behalf of authenticated users without their consent, potentially compromising user accounts and system integrity. The issue affects all versions of T-Soft E-Commerce until 28112025, emphasizing the importance of timely updates and security measures to protect user data and maintain trust.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

T-Soft E-Commerce 0 <= 28112025

References

https://www.usom.gov.tr/bildirim/tr-25-0421

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Nov 17, 2025

Credit

Berat ARSLAN

JSON

Tekrom Technology Inc.