CVE-2025-30561

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Mar 24, 2025

Updated: Mar 27, 2025

CWE ID 352

Summary

CVE-2025-30561 is a newly disclosed vulnerability affecting Henrique Mouta CAS Maestro, a popular web application for managing Central Authentication Services. The vulnerability is a Cross-Site Request Forgery (CSRF) issue that grants attackers the ability to inject malicious code via Stored Cross-Site Scripting (XSS) attacks. Those utilizing CAS Maestro versions from n/a to 1.1.3 are at risk. Successful exploitation could lead to unauthorized data manipulation, session hijacking, or other malicious activities. Users are advised to upgrade to a patched version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WordPress

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/4psfcN
https://www.cve.org/CVERecord?id=CVE-2025-30561
https://nvd.nist.gov/vuln/detail/CVE-2025-30561

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-30561

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations