CVE-2025-55041

HIGH

MuraCMS <= 10.1.10 - Cross-Site Request Forgery in Add To Group Functionality

Title source: llm

Description

MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management (cUsers.cfc addToGroup method) that allows attackers to escalate privileges by adding any user to any group without proper authorization checks. The vulnerable function lacks CSRF token validation and directly processes user-supplied userId and groupId parameters via getUserManager().createUserInGorup(), enabling malicious websites to forge requests that automatically execute when an authenticated administrator visits a crafted page. Adding a user to the Super Admins group (s2 user) is not possible. Successful exploitation results in the attacker gaining privilege escalation both horizontally to other groups and vertically to the admin group. Escalation to the s2 User group is not possible.

References (2)

Core 2

Core References

https://www.murasoftware.com

https://docs.murasoftware.com/v10/release-notes/#section-version-1014

Scores

CVSS v3 8.0

EPSS 0.0013

EPSS Percentile 2.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-352

Status published

Products (1)

murasoftware/mura_cms

Published Mar 18, 2026

Tracked Since Mar 18, 2026