Platform
wordpress
Component
co-marquage-service-public
Fixed in
0.5.78
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Co-marquage service-public.fr, a component used for co-branding on the service-public.fr platform. This vulnerability allows an attacker to execute unauthorized actions on behalf of an authenticated user. The vulnerability affects versions from 0.0.0 up to and including 0.5.77. A patch is expected to be released to address this issue.
The CSRF vulnerability in Co-marquage service-public.fr allows an attacker to trick a logged-in user into performing actions they did not intend to. This could involve modifying user settings, creating new content, or performing other actions that the user has permission to do. The impact is amplified if the user has administrative privileges, as an attacker could potentially gain control of the entire service. Successful exploitation could lead to data breaches, unauthorized modifications, and disruption of service.
The vulnerability was publicly disclosed on 2025-12-31. No public proof-of-concept (POC) code has been released at the time of writing. The vulnerability's impact is considered medium due to the potential for unauthorized actions, but the lack of public exploits suggests a lower probability of immediate exploitation. It is not currently listed on the CISA KEV catalog.
Organizations and users relying on the Co-marquage service-public.fr component for co-branding on the service-public.fr platform are at risk. This includes website administrators and users who interact with the service, particularly those with elevated privileges.
• wordpress / composer / npm:
grep -r "emendo_seb/co-marquage-service-public" /var/www/html
wp plugin list | grep co-marquage-service-public
• generic web:
curl -I https://service-public.fr/co-marquage | grep -i 'co-marquage'
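Added example (not part of the advisory or the plugin's code): a shell check that reads an installed plugin's Version header and compares it with the fixed version 0.5.78 listed above. It assumes GNU grep and `sort -V`; the sample plugin files are constructed and the install path in the comment is an assumption.

```shell
#!/bin/sh
# Added example, not the plugin's or the advisory's own code.
FIXED_IN="0.5.78"   # "fixed in" version stated in the advisory

# version_lt A B: true when A sorts strictly before B (assumes sort -V exists).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# is_affected VERSION: true for 0.0.0 through 0.5.77, i.e. below FIXED_IN.
is_affected() { version_lt "$1" "$FIXED_IN"; }

# plugin_version DIR: print the first "Version:" plugin header found in DIR.
plugin_version() {
    grep -rhi --include='*.php' '^[[:space:]*#/]*Version:' "$1" 2>/dev/null |
        head -n 1 | sed 's/^[^:]*:[[:space:]]*//; s/[[:space:]]*$//'
}

# check_plugin DIR: 0 = affected, 1 = fixed, 2 = version not found.
check_plugin() {
    v=$(plugin_version "$1")
    if [ -z "$v" ]; then echo "unknown: no Version header in $1"; return 2; fi
    if is_affected "$v"; then echo "AFFECTED: $v < $FIXED_IN"; return 0; fi
    echo "ok: $v >= $FIXED_IN"; return 1
}

# make_sample DIR VERSION: write a constructed plugin header for the demo.
make_sample() {
    mkdir -p "$1"
    printf '<?php\n/**\n * Plugin Name: sample (constructed)\n * Version: %s\n */\n' \
        "$2" > "$1/sample-plugin.php"
}

# Demo on constructed input; on a real site pass the plugin directory instead,
# e.g. /var/www/html/wp-content/plugins/co-marquage-service-public (assumed path).
demo_dir=$(mktemp -d)
make_sample "$demo_dir/old" 0.5.77
make_sample "$demo_dir/new" 0.5.78
check_plugin "$demo_dir/old" || true
check_plugin "$demo_dir/new" || true
rm -rf "$demo_dir"
```

The numeric comparison matters for versions such as 0.5.9, which a plain string comparison would sort after 0.5.78.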
Exploit status
EPSS
0.01% (0th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-62113 is to upgrade to a patched version of Co-marquage service-public.fr. Until a patch is available, consider additional security measures such as strict input validation and output encoding to prevent malicious data from being processed. Employing CSRF tokens on sensitive actions can also provide a temporary layer of protection. Review and strengthen authentication mechanisms to minimize the risk of unauthorized access.
No known patch is available. Please review the vulnerability details in depth and adopt mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVE-2025-62113 is a Cross-Site Request Forgery (CSRF) vulnerability affecting versions 0.0.0–0.5.77 of the Co-marquage service-public.fr component, allowing attackers to forge requests.
If you are using Co-marquage service-public.fr versions between 0.0.0 and 0.5.77 (inclusive), you are potentially affected by this vulnerability.
Upgrade to a patched version of Co-marquage service-public.fr as soon as it becomes available. Until then, implement CSRF tokens and input validation.
There are currently no reports of active exploitation, but the vulnerability remains a potential risk.
Refer to the official service-public.fr security advisories for updates and announcements regarding this vulnerability.