Cross-Site Request Forgery Vulnerability in UnoPim by UnoPim
CVE-2025-55744

6.9MEDIUM

Key Information:

Vendor: Unopim
Status: Unopim
Vendor: CVE Published:; 21 August 2025

What is CVE-2025-55744?

UnoPim, a Product Information Management system developed on the Laravel framework, contains a vulnerability in certain application endpoints that allows for Cross-Site Request Forgery (CSRF). This issue affects all versions prior to 0.2.1. Implementing security measures is essential to prevent unauthorized requests and safeguard sensitive data.

Affected Version(s)

unopim < 0.2.1

References

https://github.com/unopim/unopim/security/advisories/GHSA...

x_refsource_CONFIRM

https://drive.proton.me/urls/VXNDKQ4WKR#LpvE777hl8OJ

x_refsource_MISC

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2025
Vulnerability Reserved
Aug 14, 2025

Unopim

What is CVE-2025-55744?

Affected Version(s)

References

CVSS V4

Timeline