CVE-2025-1358: Pix Software Vivaz cross-site request forgery
First published: Sun Feb 16 2025(Updated: )
A vulnerability classified as problematic was found in Pix Software Vivaz 6.0.10. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pixsoft Vivaz |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1358?
CVE-2025-1358 is classified as problematic, indicating a moderate level of concern due to its potential for exploitation.
How do I fix CVE-2025-1358?
To mitigate CVE-2025-1358, it is recommended to update to a secure version of Pix Software Vivaz that addresses this vulnerability.
What type of attack does CVE-2025-1358 involve?
CVE-2025-1358 involves a cross-site request forgery attack, which can be initiated remotely without user interaction.
What is affected by CVE-2025-1358?
CVE-2025-1358 affects Pix Software Vivaz version 6.0.10, where the vulnerable code is not explicitly disclosed.
Is there any public exploit available for CVE-2025-1358?
Yes, the exploit for CVE-2025-1358 has been disclosed to the public and may be actively used against vulnerable systems.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/title
- agent/softwarecombine
- agent/author
- agent/severity
- agent/source
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/pix software
- canonical/pixsoft vivaz