CVE-2025-54598

Published August 27th, 2025

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

actuator/cve

Cyber Security Research, Advisories & Public CVE Archive

GitHub