
pgAdmin Vulnerability Allows Attackers to Gain Unauthorized Access to User Accounts

A security flaw has been identified in pgAdmin, the popular open-source administration and development platform for PostgreSQL. The vulnerability, tracked as CVE-2025-9636, affects all pgAdmin versions up to and including 9.7 and could allow a remote attacker to gain unauthorised access to user accounts and the databases they manage. The root cause is an improperly configured Cross-Origin Opener Policy (COOP). COOP is an HTTP response header that tells the browser whether a document may share a browsing context group with cross-origin windows: a page served with Cross-Origin-Opener-Policy: same-origin is placed in its own group, so a cross-origin page that opened it loses its window handle. In the affected versions, pgAdmin's policy was not configured to isolate the window in this way, so a malicious page could keep a live reference to the pgAdmin window and manipulate the OAuth authentication flow used for logins such as "Log in with Google" or "Log in with GitHub".

An attacker exploits the flaw by luring a user into clicking a specially crafted link. The link opens the pgAdmin login page in a new browser window while the attacker's page remains open in the original window. Because of the COOP misconfiguration, the attacker's page keeps a handle to the pgAdmin window. Cross-origin script cannot read that window's contents, but a live handle lets the attacker's page navigate it, which is enough to interfere with a redirect-based OAuth flow. If the user then signs in with an OAuth provider, the attacker can intercept the resulting authentication token and hijack the session. Successful exploitation therefore exposes organisations to unauthorised account access, account takeover, data breaches, and privilege escalation.

The pgAdmin developers have released a patch that corrects the COOP header configuration. Administrators running pgAdmin 9.7 or earlier should update to the latest release. Until the upgrade lands, a deployment that sits behind a reverse proxy can have the proxy add the header to every response, and anyone who can reach the login page can confirm the fix by checking that the response carries Cross-Origin-Opener-Policy: same-origin.
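The following Python script is an added example and is not code from the pgAdmin project. It shows the two things a practitioner would want at this point: a header audit that classifies the Cross-Origin-Opener-Policy value a login page returns (the fetch_headers helper makes a live request; everything else runs offline on constructed sample responses), and a small WSGI middleware that forces the isolating value onto every response, which is the shape of fix a Flask/WSGI application such as pgAdmin needs. The function names, the weak_login_app stand-in and the SAMPLE_RESPONSES header sets are assumptions made for illustration.

```python
"""Audit and enforce Cross-Origin-Opener-Policy (COOP) on a web login page.

Added example for CVE-2025-9636; not code from the pgAdmin project. Function
names and the SAMPLE_RESPONSES below are constructed for illustration.
"""
import urllib.request
from typing import Callable, Dict, Iterable, List, Optional, Tuple

COOP_HEADER = "Cross-Origin-Opener-Policy"

# How each COOP value affects a cross-origin page that opened this document.
#   none    - the opener keeps a live window handle and can navigate the window
#   partial - cross-origin openers are cut off, but the document keeps handles
#             to popups it opens itself; treat as a finding to review, not a pass
#   full    - the document lives in its own browsing context group
COOP_LEVELS = {
    "unsafe-none": "none",
    "same-origin-allow-popups": "partial",
    "same-origin": "full",
}


def classify_coop(value: Optional[str]) -> str:
    """Map a raw header value (None when absent) to an isolation level."""
    if value is None:
        return "none"  # browsers behave as unsafe-none when the header is missing
    return COOP_LEVELS.get(value.strip().lower(), "unknown")


def audit_headers(headers: Dict[str, str]) -> Dict[str, object]:
    """Return a verdict for one HTTP response's headers (keys matched case-insensitively)."""
    lowered = {k.lower(): v for k, v in headers.items()}
    raw = lowered.get(COOP_HEADER.lower())
    level = classify_coop(raw)
    return {
        "coop": raw,
        "level": level,
        # Only "full" guarantees that a cross-origin opener loses its handle.
        "opener_can_keep_handle": level != "full",
    }


def fetch_headers(url: str, timeout: float = 10.0) -> Dict[str, str]:
    """Live check: fetch a login page and return its response headers."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return dict(resp.headers.items())


WSGIApp = Callable[[dict, Callable], Iterable[bytes]]


def coop_middleware(app: WSGIApp, policy: str = "same-origin") -> WSGIApp:
    """Wrap a WSGI app so every response carries the isolating COOP header.

    Any COOP header the inner app set is dropped first, so a weak value
    cannot leak through alongside the enforced one.
    """
    def wrapped(environ: dict, start_response: Callable) -> Iterable[bytes]:
        def patched_start_response(status: str, headers: List[Tuple[str, str]], exc_info=None):
            kept = [(k, v) for k, v in headers if k.lower() != COOP_HEADER.lower()]
            kept.append((COOP_HEADER, policy))
            return start_response(status, kept, exc_info)
        return app(environ, patched_start_response)
    return wrapped


def weak_login_app(environ: dict, start_response: Callable) -> Iterable[bytes]:
    """Stand-in (assumed, not pgAdmin) for an unpatched login page sending the permissive value."""
    start_response("200 OK", [("Content-Type", "text/html"), (COOP_HEADER, "unsafe-none")])
    return [b"<html><body>login</body></html>"]


def call_wsgi(app: WSGIApp, path: str = "/login") -> Dict[str, object]:
    """Drive a WSGI app in-process (no socket) and capture status, headers and body."""
    captured: Dict[str, object] = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status
        captured["headers"] = dict(headers)

    body = b"".join(app({"REQUEST_METHOD": "GET", "PATH_INFO": path}, start_response))
    captured["body"] = body
    return captured


# Constructed sample responses (not captured from a real pgAdmin instance).
SAMPLE_RESPONSES = {
    "header missing": {"Content-Type": "text/html"},
    "permissive": {"content-type": "text/html", "cross-origin-opener-policy": "unsafe-none"},
    "allow popups": {"Content-Type": "text/html", COOP_HEADER: "same-origin-allow-popups"},
    "isolated": {"Content-Type": "text/html", COOP_HEADER: "Same-Origin"},
}


def run_audit() -> Dict[str, str]:
    """Audit each constructed sample plus the middleware-wrapped weak app."""
    results = {name: audit_headers(h)["level"] for name, h in SAMPLE_RESPONSES.items()}
    patched = call_wsgi(coop_middleware(weak_login_app))
    results["middleware-wrapped"] = audit_headers(patched["headers"])["level"]
    return results


if __name__ == "__main__":
    for name, level in run_audit().items():
        print(f"{name:20s} -> {level}")
```

To check a real deployment, call audit_headers(fetch_headers("https://your-pgadmin-host/login")) and look for level "full"; anything else means a cross-origin opener may still hold a handle to the login window. The middleware is deliberately unconditional so that a permissive value set elsewhere in the stack cannot survive it.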

Categories: Cybersecurity, Software Vulnerability, Database Management 

Tags: Security Flaw, pgAdmin, PostgreSQL, CVE-2025-9636, Cross-Origin Opener Policy, OAuth, Unauthorized Access, Data Breaches, Account Takeover, Mitigations 
