CVE-2025-13871

Published: Dec 2, 2025

Modified: Dec 2, 2025

PUBLISHED

Description

Cross-Site Request Forgery (CSRF) in the resource-management feature of ObjectPlanet Opinio 7.26 rev12562 allows to upload files on behalf of the connected users and then access such files without authentication.

Vendor	Product	Versions
ObjectPlanet	Opinio	affected `7.26 rev12562`

Weaknesses (CWE)

CWE-352

References

https://www.objectplanet.com/opinio/changelog.html

release-notes

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-13871

Description

Affected Products

Weaknesses (CWE)

References