CVE-2025-1927 - Vulnerability Details - OpenCVE

Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.This issue affects Online Food Delivery System: through 19122025.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

References

Link	Providers
https://www.usom.gov.tr/bildirim/tr-25-0469

History

Fri, 19 Dec 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 19 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
Description		Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.This issue affects Online Food Delivery System: through 19122025.
Title		CSRF in Restajet's Online Food Delivery System
Weaknesses		CWE-352
References		https://www.usom.gov.tr/bildirim/tr-25-0469
Metrics		cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N'}`

MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2025-12-19T12:01:03.912Z

Updated: 2025-12-19T13:54:57.242Z

Reserved: 2025-03-04T11:45:35.560Z

Link: CVE-2025-1927

Vulnrichment

Updated: 2025-12-19T13:54:50.661Z

NVD

Status : Received

Published: 2025-12-19T12:15:45.513

Modified: 2025-12-19T12:15:45.513

Link: CVE-2025-1927

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1927", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2025-03-04T11:45:35.560Z", "datePublished": "2025-12-19T12:01:03.912Z", "dateUpdated": "2025-12-19T13:54:57.242Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Online Food Delivery System", "vendor": "Restajet Information Technologies Inc.", "versions": [{"lessThanOrEqual": "19122025", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Berat ARSLAN"}], "datePublic": "2025-12-19T11:52:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.<p>This issue affects Online Food Delivery System: through 19122025.</p>"}], "value": "Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.This issue affects Online Food Delivery System: through 19122025."}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "CAPEC-62 Cross Site Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2025-12-19T12:01:03.912Z"}, "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-25-0469"}], "source": {"advisory": "TR-25-0469", "defect": ["TR-25-0469"], "discovery": "UNKNOWN"}, "title": "CSRF in Restajet's Online Food Delivery System", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-19T13:54:40.598110Z", "id": "CVE-2025-1927", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T13:54:57.242Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1927", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-19T13:54:40.598110Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T13:54:50.661Z"}}], "cna": {"title": "CSRF in Restajet's Online Food Delivery System", "source": {"defect": ["TR-25-0469"], "advisory": "TR-25-0469", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Berat ARSLAN"}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "CAPEC-62 Cross Site Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Restajet Information Technologies Inc.", "product": "Online Food Delivery System", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "19122025"}], "defaultStatus": "affected"}], "datePublic": "2025-12-19T11:52:00.000Z", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-25-0469"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.This issue affects Online Food Delivery System: through 19122025.", "supportingMedia": [{"type": "text/html", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery.<p>This issue affects Online Food Delivery System: through 19122025.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2025-12-19T12:01:03.912Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1927", "state": "PUBLISHED", "dateUpdated": "2025-12-19T13:54:57.242Z", "dateReserved": "2025-03-04T11:45:35.560Z", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "datePublished": "2025-12-19T12:01:03.912Z", "assignerShortName": "TR-CERT"}, "dataVersion": "5.2"}