CVE-2025-58468
MediumCVSS 5.1Exploitation Probability (EPSS)
Low risk16th percentile — higher than 16% of all known CVEs
Summary
A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center, allowing remote attackers to gain privileges or hijack user identities.
Risk Assessment
Attackers can exploit this vulnerability to gain unauthorized access to user accounts, potentially leading to serious security breaches within the organization.
Recommendation
It is recommended to upgrade to Notification Center version 1.10.0.3291 or later to mitigate this vulnerability.
Original NVD description (English source)
A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291 and later

