CVE-2025-50902

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-50902
Cross Site Request Forgery (CSRF) vulnerability in old-peanut Open-Shop (aka old-peanut/wechat_applet__open_source) thru 1.0.0 allows attackers to gain sensitive information via crafted HTTP Post message.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://gitee.com/old-peanut/wechat_applet__open_source/issues/IC95QM Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:old-peanut:open-shop:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2025-08-20 20:15

Updated : 2025-10-09 17:23

NVD link : CVE-2025-50902

Mitre link : CVE-2025-50902

CVE.ORG link : CVE-2025-50902

JSON object : View

Products Affected

old-peanut

  • open-shop
CWE
CWE-352

Cross-Site Request Forgery (CSRF)