CVE-2026-48518
Deferred Deferred - Pending Action

Cross-Site Request Forgery in MultiJuicer

Vulnerability report for CVE-2026-48518, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-15

Last updated on: 2026-06-16

Assigner: GitHub, Inc.

Description

MultiJuicer is used to run separate Juice Shop instances on a central kubernetes cluster without the need for local instances. In versions 8.0.0 through 10.0.0, the team join endpoint (POST /multi-juicer/api/teams/{team}/join) accepted requests with any Content-Type, including text/plain. Because that content type does not trigger a CORS preflight, an attacker could host a cross-site HTML form that auto-submits to the endpoint and forces a victim's browser to log in as the attacker's team. A successful, undetected attacker can cause victims to unwittingly solve Juice Shop challenges under the attacker's team identity. In a CTF context this lets the attacker inflate their team's score using other players' activity, and any sensitive data the victim enters into "their" Juice Shop ends up in the attacker's instance. The vulnerability is exploitable without any prior authentication; the victim only needs to visit a page the attacker controls while having network access to the MultiJuicer deployment. SameSite=Strict on the session cookie does not mitigate this, because the attack plants a new cookie rather than relying on an existing one. This issue was fixed in version 10.0.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-15
Last Modified
2026-06-16
Generated
2026-07-06
AI Q&A
2026-06-16
EPSS Evaluated
2026-07-04
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
juice_shop multi_juicer From 8.0.0 (inc) to 10.0.0 (inc)
juice_shop multi_juicer 10.0.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in MultiJuicer versions 8.0.0 through 10.0.0, specifically in the team join endpoint (POST /multi-juicer/api/teams/{team}/join). The endpoint accepts requests with any Content-Type, including text/plain, which does not trigger a CORS preflight check.

An attacker can exploit this by hosting a cross-site HTML form that auto-submits to the endpoint, causing a victim's browser to log in as the attacker's team without the victim's knowledge or consent.

This attack does not require prior authentication and only requires the victim to visit a page controlled by the attacker while having network access to the MultiJuicer deployment.

The attack works by planting a new session cookie rather than relying on an existing one, so protections like SameSite=Strict on cookies do not prevent it.

In a Capture The Flag (CTF) context, this allows the attacker to inflate their team's score using other players' activity and access any sensitive data the victim enters into the Juice Shop under the attacker's team identity.

This vulnerability was fixed in MultiJuicer version 10.0.1.

Impact Analysis

This vulnerability can impact you by allowing an attacker to hijack your session and force your browser to log in as the attacker's team without your knowledge.

As a result, any actions you take, such as solving challenges in the Juice Shop, will be attributed to the attacker's team, potentially inflating their score unfairly.

Additionally, any sensitive data you enter while logged in under the attacker's team identity could be exposed to the attacker.

This attack requires only that you visit a page controlled by the attacker while having network access to the MultiJuicer deployment, making it relatively easy to exploit.

Mitigation Strategies

To mitigate this vulnerability, upgrade MultiJuicer to version 10.0.1 or later, where the issue has been fixed.

Additionally, consider restricting or validating the Content-Type header on the team join endpoint to prevent acceptance of unsafe content types like text/plain.

Ensure users are aware of the risk of visiting untrusted web pages while connected to the MultiJuicer deployment.

Compliance Impact

The vulnerability allows an attacker to force victims to log in as the attacker's team, potentially causing sensitive data entered by the victim to be exposed to the attacker. This unauthorized exposure of sensitive data could lead to non-compliance with data protection regulations such as GDPR or HIPAA, which require protection of personal and sensitive information against unauthorized access.

Since the attack can occur without prior authentication and involves cross-site request forgery that results in data leakage, organizations using affected versions of MultiJuicer might face risks related to confidentiality and data integrity, which are critical aspects of compliance frameworks.

However, the vulnerability was fixed in version 10.0.1 by enforcing JSON content-type validation, which mitigates the risk of such attacks.

Detection Guidance

This vulnerability can be detected by monitoring network traffic for POST requests to the MultiJuicer team join endpoint (/multi-juicer/api/teams/{team}/join) that use content types other than application/json, such as text/plain. Since the vulnerability involves accepting any Content-Type without triggering CORS preflight, detecting requests with suspicious Content-Type headers can indicate exploitation attempts.

You can use network traffic inspection tools like curl or tcpdump to identify such requests. For example, using curl to test the endpoint with a non-JSON content type:

  • curl -v -X POST https://<multi-juicer-host>/multi-juicer/api/teams/<team>/join -H "Content-Type: text/plain" -d "some data"

If the server accepts this request without rejecting it with a 415 Unsupported Media Type response, it indicates the vulnerable behavior.

Alternatively, you can use tcpdump or Wireshark to capture HTTP POST requests to the endpoint and filter for Content-Type headers that are not application/json.

  • tcpdump -i <interface> -A -s 0 'tcp port 80 or tcp port 443' | grep -i 'POST /multi-juicer/api/teams/' -A 10 | grep -i 'Content-Type'

These methods help detect attempts to exploit the vulnerability by identifying requests that do not comply with the fixed requirement of Content-Type: application/json.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-48518. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart