3 matches found
CVE-2025-55043
MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality csettings.cfc createBundle method that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerabili...
CVE-2025-55043
MuraCMS up to version 10.1.10 contains a CSRF flaw in the bundle creation flow (csettings.cfc createBundle) that allows unauthenticated attackers to force admins to create and save site bundles containing sensitive data into publicly accessible directories. This can enable complete data exfiltrat...
CVE-2025-55043
MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality csettings.cfc createBundle method that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerabili...