Cross-Site Request Forgery Vulnerability in SourceCodester Client Database Management System
CVE-2025-63711
7.1 HIGH
Key Information:
- Vendor: SourceCodester
- CVE Published: 10 November 2025
What is CVE-2025-63711?
SourceCodester's Client Database Management System 1.0 contains a Cross-Site Request Forgery (CSRF) flaw in its user deletion endpoint. The endpoint neither validates the request origin nor requires an anti-CSRF token, so a malicious web page can trigger user deletion actions on behalf of an authenticated administrator without their consent. An attacker can thereby abuse a trusted user session to delete user accounts arbitrarily, posing a significant risk to user data integrity.
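The two checks the description says are missing (request-origin validation and an anti-CSRF token) can be sketched as a framework-agnostic gate in front of a delete handler. This is an added example, not code from the affected product; the origin `https://cdms.example`, the field name `csrf_token` and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Assumptions (not from the advisory): the application's own origin and a
# per-deployment secret used to derive session-bound tokens.
TRUSTED_ORIGIN = "https://cdms.example"  # placeholder origin
SERVER_SECRET = secrets.token_bytes(32)


def issue_csrf_token(session_id: str) -> str:
    """Token bound to one session; rendered as a hidden field in the delete form."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(headers: dict) -> bool:
    """Accept only requests whose Origin (or, failing that, Referer) is ours."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # fail closed when the browser sent neither header
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == TRUSTED_ORIGIN


def authorize_delete(method: str, headers: dict, session_id: str, form: dict) -> bool:
    """Gate for a state-changing 'delete user' request (hypothetical handler)."""
    if method != "POST":
        return False  # state changes must not be reachable through GET
    if not same_origin(headers):
        return False
    supplied = form.get("csrf_token", "")
    expected = issue_csrf_token(session_id)
    # Constant-time comparison so the token cannot be guessed byte by byte.
    return hmac.compare_digest(supplied.encode(), expected.encode())


if __name__ == "__main__":
    sid = "constructed-session-id"  # constructed sample value
    form = {"user_id": "7", "csrf_token": issue_csrf_token(sid)}
    print(authorize_delete("POST", {"Origin": TRUSTED_ORIGIN}, sid, form))  # own form
    print(authorize_delete("POST", {"Origin": "https://other.example"}, sid,
                           {"user_id": "7"}))  # cross-site request, no token
```

Setting the session cookie with `SameSite=Lax` or `SameSite=Strict` complements these checks but does not replace them.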
