{"vulnerability": "ghsa-w9hf-35q4-vcjw", "sightings": [{"uuid": "7d810dd3-34b8-47e7-9fbe-504150a391c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-W9HF-35Q4-VCJW", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16215", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46721\n\ud83d\udd25 CVSS Score: 6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or on a subdomain of the target site (either via XSS, or otherwise) to bypass CSRF checks and issue requests on user's behalf. Due to misuse of the Go `net/http` library, nosurf categorizes all incoming requests as plain-text HTTP requests, in which case the `Referer` header is not checked to have the same origin as the target webpage. If the attacker has control over HTML contents on either the target website (e.g. `example.com`), or on a website hosted on a subdomain of the target (e.g. `attacker.example.com`), they will also be able to manipulate cookies set for the target website. By acquiring the secret CSRF token from the cookie, or overriding the cookie with a new token known to the attacker, `attacker.example.com` is able to craft cross-site requests to `example.com`. A patch for the issue was released in nosurf 1.2.0. In lieu of upgrading to a patched version of nosurf, users may additionally use another HTTP middleware to ensure that a non-safe HTTP request is coming from the same origin (e.g. by requiring a `Sec-Fetch-Site: same-origin` header in the request).\n\ud83d\udccf Published: 2025-05-13T15:29:30.068Z\n\ud83d\udccf Modified: 2025-05-13T19:07:23.093Z\n\ud83d\udd17 References:\n1. https://github.com/justinas/nosurf/security/advisories/GHSA-w9hf-35q4-vcjw\n2. https://github.com/justinas/nosurf/commit/ec9bb776d8e5ba9e906b6eb70428f4e7b009feee\n3. https://github.com/advisories/GHSA-rq77-p4h8-4crw\n4. https://github.com/justinas/nosurf-cve-2025-46721\n5. https://github.com/justinas/nosurf/releases/tag/v1.2.0", "creation_timestamp": "2025-05-13T19:31:12.000000Z"}]}