LOWCVE-2025-26211CVSS 3.7

CVE-2025-26211: CSRF in Gibbon CMS

Platform

php

Component

core

Fixed in

29.0.00

AI Confidence: highNVDEPSS 0.1%Reviewed: May 2026

View on NVD

Save

CVE-2025-26211 describes a Cross-Site Request Forgery (CSRF) vulnerability affecting Gibbon CMS versions prior to 29.0.00. A CSRF attack allows an attacker to trick a user into performing actions they did not intend to, potentially leading to unauthorized modifications or deletions within the CMS. This vulnerability impacts users managing content and configurations within the Gibbon CMS. A fix is available in version 29.0.00.

Impact and Attack Scenarios

The CSRF vulnerability in Gibbon allows an attacker to craft malicious requests that appear to originate from a legitimate user. Successful exploitation could enable an attacker to modify content, change user roles, or even delete data within the CMS. The impact is particularly severe if the CMS is used to manage sensitive information or critical website content. While the CVSS score is LOW, the ease of exploitation and potential for unauthorized modifications make this a significant concern, especially for sites with limited security controls or user awareness.

Exploitation Context

CVE-2025-26211 was publicly disclosed on 2025-05-27. No public proof-of-concept (PoC) code has been identified at the time of writing. The EPSS score is pending evaluation. While no active exploitation campaigns are currently known, the ease of CSRF exploitation means this vulnerability remains a potential threat.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown

CISA KEVNO

Internet ExposureHigh

EPSS

0.13% (33% percentile)

CISA SSVC

Exploitationnone

Automatableno

Technical Impactpartial

CVSS Vector

Affected Software

Componentcore

VendorGibbonEdu

Affected rangeFixed in

0.0.0 – 28.999.99929.0.00

Weakness Classification (CWE)

CWE-352

Timeline

Reserved2025-02-07
Published2025-05-27
EPSS updated2026-03-23

Mitigation and Workarounds

The primary mitigation for CVE-2025-26211 is to upgrade Gibbon CMS to version 29.0.00 or later, which contains the fix. If an immediate upgrade is not feasible, consider implementing temporary workarounds such as adding CSRF tokens to all sensitive forms and actions within the CMS. Implementing a Content Security Policy (CSP) with strict origin controls can also help mitigate the risk by restricting the sources from which the CMS can load resources. Regularly review user permissions and access controls to minimize the potential damage from a successful attack.

How to fix

Update Gibbon to version 29.0.00 or higher. This version contains a fix for the CSRF vulnerability. The update can be performed through the Gibbon admin panel or by downloading the new version from the official website and replacing the existing files.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2025-26211 — CSRF in Gibbon CMS?

CVE-2025-26211 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Gibbon CMS versions before 29.0.00, allowing attackers to perform unauthorized actions.

Am I affected by CVE-2025-26211 in Gibbon CMS?

You are affected if you are using Gibbon CMS versions 0.0 through 29.0.00. Upgrade to 29.0.00 to mitigate the risk.

How do I fix CVE-2025-26211 in Gibbon CMS?

Upgrade Gibbon CMS to version 29.0.00 or later. Consider CSRF token implementation as a temporary workaround.

Is CVE-2025-26211 being actively exploited?

No active exploitation campaigns are currently known, but the ease of CSRF exploitation means it remains a potential threat.

Where can I find the official Gibbon advisory for CVE-2025-26211?

Refer to the Gibbon CMS official website and security announcements for the latest information and advisory regarding CVE-2025-26211.