CVE-2025-58430
PUBLISHED
CVSS 8.6 HIGH
listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover
EPSS 0.03% · 8.2th percentile
Risk Scores
CVSS v4.0
8.6
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.03%
8.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| knadh | listmonk | <= 1.1.0 |
| github.com | knadh/listmonk | 0 |
| nadh | listmonk | 0 |
Timeline
- Jan 21, 1970 Security Advisory
- Sep 9, 2025 CVE Published
- Sep 9, 2025 Coalition ESS Score
- Sep 9, 2025 PoC Published
- Sep 10, 2025 EPSS Score
- Sep 10, 2025 Coalition ESS Score
- Sep 11, 2025 Coalition ESS Score
- Sep 17, 2025 EPSS Score
- Sep 25, 2025 EPSS Score
- Oct 2, 2025 EPSS Score
- Oct 4, 2025 Coalition ESS Score
- Oct 6, 2025 Coalition ESS Score