CVE Catalog

CVE-2025-58468

MediumCVSS 5.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.05%

16th percentile — higher than 16% of all known CVEs

Summary

A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center, allowing remote attackers to gain privileges or hijack user identities.

Risk Assessment

Attackers can exploit this vulnerability to gain unauthorized access to user accounts, potentially leading to serious security breaches within the organization.

Recommendation

It is recommended to upgrade to Notification Center version 1.10.0.3291 or later to mitigate this vulnerability.

Original NVD description (English source)

A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291 and later

Vulnerability data from NVD (NIST) · CISA KEV · EPSS