CVE-2025-60535
CVE-2025-60535CVE-2025-60535
Description
A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request.
Scoring
| CVSS | 7.3 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| Last modified | 2026-07-05 |