CVE-2025-55041
CSRF in MuraCMS User Management Enables Privilege Escalation

Publication date: 2026-03-18

Last updated on: 2026-03-20

Assigner: MITRE

Description
MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management (cUsers.cfc addToGroup method) that allows attackers to escalate privileges by adding any user to any group without proper authorization checks. The vulnerable function lacks CSRF token validation and directly processes user-supplied userId and groupId parameters via getUserManager().createUserInGorup(), enabling malicious websites to forge requests that automatically execute when an authenticated administrator visits a crafted page. Adding a user to the Super Admins group (s2 user) is not possible. Successful exploitation results in the attacker gaining privilege escalation both horizontally to other groups and vertically to the admin group. Escalation to the s2 User group is not possible.
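As an added illustration of the missing control described above (this is constructed model code, not Mura's cUsers.cfc), the Python below places an Add To Group handler that relies only on the admin's session beside one that also requires a synchronizer token bound to that session and a same-origin Origin/Referer header; the names Session, Request, SITE_ORIGIN and the membership store are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlparse

SITE_ORIGIN = "https://cms.example.test"   # assumed origin of the admin UI

# Constructed stand-ins for the framework objects a real handler would receive.
@dataclass
class Session:
    user: str
    is_admin: bool
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))

@dataclass
class Request:
    session: Session
    form: dict      # userId, groupId and (for the hardened path) csrfToken
    headers: dict   # Origin / Referer as sent by the browser

memberships = {}    # userId -> set of groupIds (in-memory stand-in for the DB)

def add_to_group_vulnerable(req):
    """Models the flaw: an authenticated admin session is the only check, so a
    request forged by another site rides on the admin's browser cookies."""
    if not req.session.is_admin:
        return "forbidden"
    memberships.setdefault(req.form["userId"], set()).add(req.form["groupId"])
    return "ok"

def add_to_group_hardened(req):
    """Same action, but the form must carry the token issued to this session
    (constant-time compare) and the request must come from the site's origin."""
    if not req.session.is_admin:
        return "forbidden"
    sent = req.form.get("csrfToken", "")
    if not hmac.compare_digest(sent, req.session.csrf_token):
        return "csrf_rejected"
    src = urlparse(req.headers.get("Origin") or req.headers.get("Referer", ""))
    if f"{src.scheme}://{src.netloc}" != SITE_ORIGIN:
        return "csrf_rejected"
    memberships.setdefault(req.form["userId"], set()).add(req.form["groupId"])
    return "ok"

def legitimate_request(session, user_id, group_id):
    """Builds the request the real admin page would send (token + same origin)."""
    form = {"userId": user_id, "groupId": group_id, "csrfToken": session.csrf_token}
    return Request(session, form, {"Origin": SITE_ORIGIN})
```

A cross-site form post arrives with the admin's cookies but without the session token and with a foreign Origin, so the hardened handler refuses it while the vulnerable one performs the group change.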
Meta Information
Published: 2026-03-18
Last Modified: 2026-03-20
Generated: 2026-05-07
AI Q&A: 2026-03-18
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor          Product     Version / Range
murasoftware    mura_cms    * (all versions)
CWE ID     Description
CWE-352    The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-55041 is a Cross-Site Request Forgery (CSRF) vulnerability in MuraCMS versions through 10.1.10, specifically in the Add To Group functionality for user management. The vulnerability exists because the addToGroup method in cUsers.cfc does not validate CSRF tokens and directly processes user-supplied parameters to add users to groups without proper authorization checks.

This flaw allows attackers to craft malicious web pages that, when visited by an authenticated administrator, can cause unauthorized addition of any user to any group. However, adding a user to the highest privilege group, the Super Admins group (s2 user), is not possible.

Successful exploitation results in privilege escalation, both horizontally (to other groups) and vertically (to the admin group), by bypassing normal authorization mechanisms.


How can this vulnerability impact me?

This vulnerability can lead to unauthorized privilege escalation within the MuraCMS system. An attacker can add users to privileged groups without proper authorization, potentially gaining administrative access or elevated permissions.

Such unauthorized access can compromise the integrity and security of the system, allowing attackers to perform administrative actions, modify content, or access sensitive data.

Although escalation to the highest privilege group (Super Admins) is not possible, gaining admin group privileges still poses a significant security risk.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate the CVE-2025-55041 vulnerability, you should update Mura CMS to version 10.1.4 or later, where this CSRF vulnerability in the Add To Group functionality has been fixed as part of multiple security updates.

Applying this update will prevent unauthorized privilege escalation by ensuring proper authorization checks and CSRF token validation are in place for user management functions.

