Metrics
Affected Vendors & Products
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Mon, 23 Feb 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Orientdb
Orientdb orientdb |
|
| Vendors & Products |
Orientdb
Orientdb orientdb |
Fri, 20 Feb 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthorized actions by crafting malicious requests to endpoints like /database/, /command/, and /document/. Attackers can create or delete databases, modify schema classes, manage users, and create functions by sending authenticated requests without token validation, combined with reflected and stored cross-site scripting vulnerabilities in the web interface. | |
| Title | OrientDB 3.0.17 Cross-Site Request Forgery | |
| Weaknesses | CWE-352 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-02-20T22:56:57.950Z
Reserved: 2026-02-20T18:25:36.023Z
Link: CVE-2019-25447
No data.
Status : Awaiting Analysis
Published: 2026-02-20T23:16:01.173
Modified: 2026-02-23T18:14:13.887
Link: CVE-2019-25447
No data.
OpenCVE Enrichment
Updated: 2026-02-23T14:33:17Z