CVE-2025-60535

CVE-2025-60535CVE-2025-60535

Description

A Cross-Site Request Forgery (CSRF) in the component /endpoints/currency/currency of Wallos v4.1.1 allows attackers to execute arbitrary operations via a crafted GET request.

Scoring

CVSS 7.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Last modified2026-07-05
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.