CVE-2025-55041
CVE-2025-55041 : MuraCMS up to 10.1.10 contains a CSRF flaw in the Add To Group (cUsers.cfc addToGroup) function that lets an attacker with a crafted page cause an authenticated admin to add any user to any group without CSRF token validation. The vulnerability handles userId and groupId via getU...