CVE-2025-55044
CSRF in MuraCMS Trash Restore Allows Unauthorized Content Restoration
Publication date: 2026-03-18
Last updated on: 2026-03-20
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| murasoftware | mura_cms | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
The Trash Restore CSRF vulnerability in MuraCMS through version 10.1.10 lets an attacker restore deleted content from the trash to a location of the attacker's choosing, because the cTrash.restore function does not validate a CSRF token.
When an authenticated administrator visits a malicious web page, that page auto-submits a hidden form to the restore endpoint. The browser attaches the administrator's session cookie, so the CMS treats the request as the administrator's own action and restores the specified content under the parent node named in the attacker-supplied parentid parameter.
The attacker can therefore force restoration of deleted content to arbitrary places in the site tree without the administrator's knowledge or consent.
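The following is an added example, not MuraCMS code, that models the request flow described above: a cross-site auto-submitted form carrying the victim's session cookie, a handler that (like the flaw described) trusts the cookie alone, and a hardened handler that also requires a per-session CSRF token and rejects cross-site fetch metadata. The endpoint path, the contentid and csrftoken parameter names, the session store and all function names are assumptions for illustration; only parentid and cTrash.restore come from the page.

```python
"""Added example: CSRF against a trash-restore action, vulnerable vs. hardened.
Not MuraCMS code. Endpoint path, parameter names other than parentid, and
all function names are assumptions made for illustration.
"""
import hmac
import secrets
from dataclasses import dataclass

SITE_ORIGIN = "https://cms.example"  # assumed origin of the admin UI
RESTORE_PATH = "/admin/?muraAction=cTrash.restore"  # assumed URL form

# Constructed session store: one logged-in administrator with a CSRF token
# that is bound to the session and never sent to other origins.
SESSIONS = {"sess-admin": {"user": "admin", "csrf": secrets.token_urlsafe(32)}}


@dataclass
class Request:
    method: str
    path: str
    form: dict
    cookies: dict
    headers: dict


class TrashStore:
    """Stand-in for the CMS trash: contentid -> title, plus the live tree."""

    def __init__(self):
        self.trash = {"c-1001": "old-draft"}
        self.tree = {}  # contentid -> parentid once restored

    def restore(self, contentid, parentid):
        title = self.trash.pop(contentid)
        self.tree[contentid] = parentid
        return title


def restore_vulnerable(req, store):
    """Mirrors the flaw: the session cookie is the only gate."""
    sess = SESSIONS.get(req.cookies.get("session"))
    if not sess:
        return 401, "not logged in"
    store.restore(req.form["contentid"], req.form["parentid"])
    return 200, "restored"


def restore_hardened(req, store):
    """Session + state-changing method + same-site origin + CSRF token."""
    sess = SESSIONS.get(req.cookies.get("session"))
    if not sess:
        return 401, "not logged in"
    if req.method != "POST":
        return 405, "restore must be a POST"
    # Defence in depth: browsers label cross-site form posts via fetch metadata
    # and Origin; reject those before even looking at the token.
    sfs = req.headers.get("Sec-Fetch-Site")
    origin = req.headers.get("Origin")
    if (sfs is not None and sfs != "same-origin") or (origin is not None and origin != SITE_ORIGIN):
        return 403, "cross-site request rejected"
    # The real control: a secret the attacker's page cannot read or forge.
    token = req.form.get("csrftoken", "")
    if not hmac.compare_digest(token.encode(), sess["csrf"].encode()):
        return 403, "missing or invalid CSRF token"
    store.restore(req.form["contentid"], req.form["parentid"])
    return 200, "restored"


def attacker_form_post(contentid, parentid):
    """What a hidden auto-submitting form on attacker.example makes the
    victim's browser send. The cookie is attached by the browser, not the
    attacker, and the attacker cannot read the CSRF token."""
    return Request(
        method="POST",
        path=RESTORE_PATH,
        form={"contentid": contentid, "parentid": parentid},
        cookies={"session": "sess-admin"},
        headers={"Origin": "https://attacker.example", "Sec-Fetch-Site": "cross-site"},
    )


def legit_form_post(contentid, parentid):
    """The same action submitted from the real admin UI, token included."""
    return Request(
        method="POST",
        path=RESTORE_PATH,
        form={"contentid": contentid, "parentid": parentid,
              "csrftoken": SESSIONS["sess-admin"]["csrf"]},
        cookies={"session": "sess-admin"},
        headers={"Origin": SITE_ORIGIN, "Sec-Fetch-Site": "same-origin"},
    )


def demo():
    """Returns (vulnerable status, where content landed, hardened status, where it landed)."""
    vuln, hard = TrashStore(), TrashStore()
    attack = attacker_form_post("c-1001", "public-root")
    v_status, _ = restore_vulnerable(attack, vuln)   # 200: content now under public-root
    h_status, _ = restore_hardened(attack, hard)     # 403: forged request refused
    restore_hardened(legit_form_post("c-1001", "archive"), hard)  # 200: real admin action
    return v_status, vuln.tree.get("c-1001"), h_status, hard.tree.get("c-1001")


if __name__ == "__main__":
    print(demo())
```

The forged request only works if the browser actually attaches the session cookie to a cross-site POST; a session cookie marked SameSite=Lax or SameSite=Strict is withheld from such submissions, which is why the token check and fetch-metadata check are the durable fix rather than relying on cookie defaults that vary across browsers.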
How can this vulnerability impact me?
Exploitation of this vulnerability can lead to unauthorized restoration of deleted content to inappropriate or malicious locations within the MuraCMS website.
- Restoration of previously deleted malicious content.
- Placement of sensitive documents in publicly accessible areas.
- Manipulation of the website's navigation structure.
- Restoration of outdated content that was intentionally removed for security or compliance reasons.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability can negatively impact compliance with standards such as GDPR and HIPAA by enabling unauthorized restoration and exposure of sensitive or protected content.
Restoring sensitive documents to public areas or retaining outdated content that was removed for compliance reasons may lead to data breaches or violations of data protection regulations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
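The page gives no detection guidance, so the following is an added example rather than anything from the page or from the MuraCMS project. It scans web-server access logs in the common "combined" format for requests that invoke the trash-restore action from a Referer on another host, or with no Referer at all. It assumes the action is identifiable by the string cTrash.restore in the request target and that the admin site is served from cms.example; the log lines are constructed for the example.

```python
"""Added example: hunting cross-site calls to the trash-restore action in
access logs. Not MuraCMS code. Assumes Apache/nginx "combined" log format,
that the action shows up as cTrash.restore in the request target, and that
the admin host is cms.example. Sample log lines are constructed.
"""
import re
from urllib.parse import urlsplit

SITE_HOST = "cms.example"  # assumed host of the admin UI

# %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: a legitimate restore from the admin UI, a restore whose
# Referer is a third-party page, a GET-based restore with the Referer
# suppressed, and an unrelated request.
SAMPLE_LOG = [
    '203.0.113.5 - admin [18/Mar/2026:10:01:02 +0000] "POST /admin/?muraAction=cTrash.restore HTTP/1.1" 200 512 "https://cms.example/admin/?muraAction=cTrash.list" "Mozilla/5.0"',
    '203.0.113.5 - admin [18/Mar/2026:10:07:45 +0000] "POST /admin/?muraAction=cTrash.restore HTTP/1.1" 200 512 "https://attacker.example/prize.html" "Mozilla/5.0"',
    '203.0.113.5 - admin [18/Mar/2026:10:08:10 +0000] "GET /admin/?muraAction=cTrash.restore&contentid=c-1001&parentid=public-root HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Mar/2026:10:09:00 +0000] "GET /index.cfm HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]


def classify_restore(line):
    """Return a finding dict for a restore call that did not come from the
    admin site's own pages, or None for anything else."""
    m = LOG_RE.match(line)
    if not m or "cTrash.restore" not in m["target"]:
        return None
    referer = m["referer"]
    referer_host = urlsplit(referer).hostname if referer and referer != "-" else None
    if referer_host == SITE_HOST:
        return None  # submitted from the admin UI itself
    return {
        "ip": m["ip"],
        "user": m["user"],
        "ts": m["ts"],
        "method": m["method"],
        "target": m["target"],
        "referer_host": referer_host,  # None means the Referer was absent
        "reason": "cross-site referer" if referer_host else "no referer",
    }


def find_suspicious(lines):
    """All restore calls that were not referred by the admin site."""
    return [f for f in (classify_restore(l) for l in lines) if f]


if __name__ == "__main__":
    for finding in find_suspicious(SAMPLE_LOG):
        print(finding)
```

A missing Referer is reported rather than ignored because an attacker's page can suppress it with a no-referrer policy, so absence is not evidence of a same-site submission; GET-based restores are worth flagging on their own since a state change should not be reachable by GET. Treat hits as leads to correlate with the administrator's session activity, not as proof of exploitation.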
What immediate steps should I take to mitigate this vulnerability?
To mitigate the Trash Restore CSRF vulnerability in MuraCMS, restrict access to the administrative interface to trusted users and networks, and have administrators avoid browsing untrusted sites while logged in, since the attack needs nothing more than a logged-in administrator loading an attacker-controlled page.
The actual fix is to validate a session-bound CSRF token in the cTrash.restore function so that a request the attacker's page cannot forge is required before any content is restored. Setting the SameSite attribute (Lax or Strict) on the session cookie stops browsers from attaching it to cross-site form submissions and narrows the exposure until token validation is in place.
Until an update containing that fix is applied, administrators should keep a separate browser profile for CMS administration and, where the deployment allows, temporarily disable the trash restore functionality.