CVE-2026-40549

NONE

—CVSS v3

—CVSS v2

0.03% EPSS (exploit probability)

CWE-352CWE

Description

SOPlanning is vulnerable to Cross‑Site Request Forgery (CSRF) in groupe_save create, modify and delete endpoints. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged GET or POST request to the application.

This issue affects SOPlanning version 1.55 and below.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE