FKIE_CVE-2025-55040

Vulnerability from fkie_nvd - Published: 2026-03-18 16:16 - Updated: 2026-03-20 18:12
Summary
The import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and install malicious form definitions through a CSRF attack. The vulnerable cForm.importform function lacks CSRF token validation, enabling malicious websites to forge file upload requests that install attacker-controlled forms when an authenticated administrator visits a crafted webpage. Full exploitation of this vulnerability would require the victim to select a malicious ZIP file containing form definitions, which can be automatically generated by the exploit page and used to create data collection forms that steal sensitive information. Successful exploitation of the import form CSRF vulnerability could result in the installation of malicious data collection forms on the target MuraCMS website that can steal sensitive user information. When an authenticated administrator visits a malicious webpage containing the CSRF exploit and selects the attacker-generated ZIP file, their browser uploads and installs form definitions that create legitimate forms that could be designed with malicious content.
Impacted products
Vendor Product Version
murasoftware mura_cms -

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:murasoftware:mura_cms:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4646EE-1255-4B42-890A-E0B57EBFE2CE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and install malicious form definitions through a CSRF attack. The vulnerable cForm.importform function lacks CSRF token validation, enabling malicious websites to forge file upload requests that install attacker-controlled forms when an authenticated administrator visits a crafted webpage. Full exploitation of this vulnerability would require the victim to select a malicious ZIP file containing form definitions, which can be automatically generated by the exploit page and used to create data collection forms that steal sensitive information. Successful exploitation of the import form CSRF vulnerability could result in the installation of malicious data collection forms on the target MuraCMS website that can steal sensitive user information. When an authenticated administrator visits a malicious webpage containing the CSRF exploit and selects the attacker-generated ZIP file, their browser uploads and installs form definitions that create legitimate forms that could be designed with malicious content."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad CSRF en el formulario de importaci\u00f3n en MuraCMS hasta la versi\u00f3n 10.1.10 permite a los atacantes cargar e instalar definiciones de formularios maliciosas a trav\u00e9s de un ataque CSRF. La funci\u00f3n vulnerable cForm.importform carece de validaci\u00f3n de token CSRF, lo que permite a sitios web maliciosos falsificar solicitudes de carga de archivos que instalan formularios controlados por el atacante cuando un administrador autenticado visita una p\u00e1gina web manipulada. La explotaci\u00f3n completa de esta vulnerabilidad requerir\u00eda que la v\u00edctima seleccione un archivo ZIP malicioso que contenga definiciones de formularios, el cual puede ser generado autom\u00e1ticamente por la p\u00e1gina del exploit y utilizado para crear formularios de recopilaci\u00f3n de datos que roban informaci\u00f3n sensible. La explotaci\u00f3n exitosa de la vulnerabilidad CSRF en el formulario de importaci\u00f3n podr\u00eda resultar en la instalaci\u00f3n de formularios de recopilaci\u00f3n de datos maliciosos en el sitio web MuraCMS objetivo que pueden robar informaci\u00f3n sensible del usuario. Cuando un administrador autenticado visita una p\u00e1gina web maliciosa que contiene el exploit CSRF y selecciona el archivo ZIP generado por el atacante, su navegador carga e instala definiciones de formularios que crean formularios leg\u00edtimos que podr\u00edan ser dise\u00f1ados con contenido malicioso."
    }
  ],
  "id": "CVE-2025-55040",
  "lastModified": "2026-03-20T18:12:50.813",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-18T16:16:23.170",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://docs.murasoftware.com/v10/release-notes/#section-version-1014"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://www.murasoftware.com"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}
