Description
MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerability enables complete data exfiltration including user accounts, password hashes, form submissions, email lists, plugins, and site content without administrator knowledge. This CSRF vulnerability enables complete data exfiltration from MuraCMS installations without requiring authentication. Attackers can force administrators to unknowingly create site bundles containing sensitive data, which are saved to publicly accessible web directories. The attack executes silently, leaving administrators unaware that confidential information has been compromised and is available for unauthorized download.
Published: 2026-03-18
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Complete data exfiltration via unauthenticated CSRF
Action: Patch Upgrade
AI Analysis

Impact

A cross‑site request forgery flaw (CWE-352) in the bundle‑creation routine of MuraCMS (the createBundle method of csettings.cfc) lets an attacker trick a logged‑in administrator's browser into submitting the request that generates and saves a site bundle. Because the endpoint does not require any proof that the request originated from the administrator's own session on the site, the bundle is created without the administrator's awareness, and the resulting archive is written to a publicly accessible web directory. A bundle can contain user accounts, password hashes, form submissions, email lists, plugins and full site content, so an attacker who then downloads it holds effectively all of the site's data. The attacker needs no credentials of their own; the only requirement is that an administrator with an active session is induced to load attacker‑controlled content.

Affected Systems

The CVE description places the flaw in MuraSoftware's MuraCMS up to and including version 10.1.10. The CPE recorded for this entry (cpe:2.3:a:murasoftware:mura_cms:-:*:*:*:*:*:*:*) carries no version, so treat every MuraCMS installation at 10.1.10 or earlier that exposes its administrator interface as affected; the vulnerable bundle‑creation endpoint is part of the default distribution rather than an optional component.

Risk and Exploitability

The CVSS 3.1 score of 6.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) reflects a remote, low‑complexity attack that needs no privileges but does need user interaction: the administrator must be logged in and must load attacker‑controlled content (a page or email carrying a form or script that submits the createBundle request). The vector rates confidentiality impact as high and integrity as none, even though the attack does write a new archive into the site's web space. The EPSS score below 1% and the absence of a CISA KEV listing indicate no observed exploitation; the SSVC assessment likewise records Exploitation: none and Automatable: no, since each victim has to be lured individually. Once the bundle exists, retrieving it is trivial for the attacker because it sits in a web‑accessible directory, and the password hashes it contains can be cracked offline. The practical risk is therefore governed by how easily an attacker can get a MuraCMS administrator to visit a crafted page while logged in; the attacker needs network reach to the site itself only to download the result.

Generated by OpenCVE AI on March 20, 2026 at 19:52 UTC.

Remediation

The record lists no vendor fix or workaround as of its last enrichment (24 March 2026).
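
The root cause is that createBundle acts on any request that carries the administrator's session cookie, regardless of which site the browser was on when the request was made. The following Python sketch is an added example, not MuraCMS code (Mura itself is written in CFML): it models the flawed acceptance rule beside the hardened rule a fix would need, namely POST only, an Origin/Referer that matches the site, and a per‑session anti‑CSRF token compared in constant time. SITE_ORIGIN, the header names, the form field names and the session dictionary are all assumptions made for the demonstration.

```python
import hmac
import secrets
from urllib.parse import urlparse

# Constructed stand-in for the origin the Mura admin UI is served from
# (assumption for this example; use the real scheme+host in practice).
SITE_ORIGIN = "https://www.example.com"


def issue_csrf_token(session):
    """Bind a fresh random token to the admin session on the server side."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def source_origin(headers):
    """Origin the browser reports for the request, or None if it sent neither
    Origin nor a usable Referer."""
    origin = headers.get("Origin")
    if origin:
        return origin.rstrip("/")
    referer = headers.get("Referer")
    if referer:
        p = urlparse(referer)
        if p.scheme and p.netloc:
            return f"{p.scheme}://{p.netloc}"
    return None


def is_state_change_allowed(method, headers, form, session):
    """Hardened rule for a state-changing admin action such as createBundle.

    Rejects the request unless (1) it is a POST, (2) the browser-supplied
    Origin/Referer is the site's own origin and (3) the form carries the token
    bound to this session. A page on another site cannot satisfy (2) or (3);
    the vulnerable endpoint on this page requires neither.
    """
    if method != "POST":
        return False
    if source_origin(headers) != SITE_ORIGIN:
        return False
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected, supplied):
        return False
    return True


def vulnerable_create_bundle_allowed(method, headers, form, session):
    """Models the flawed behaviour: any request arriving with an authenticated
    admin session is honoured, whatever site the browser was on."""
    return session.get("admin_logged_in", False)


def demo():
    session = {"admin_logged_in": True}
    token = issue_csrf_token(session)
    # Request forged by an attacker-controlled page the admin was lured to:
    # the browser attaches the session cookie, but Origin is the attacker's.
    forged = dict(method="POST",
                  headers={"Origin": "https://attacker.example"},
                  form={"method": "createBundle", "bundleName": "site"})
    # The same action submitted from the admin UI itself.
    legit = dict(method="POST",
                 headers={"Origin": SITE_ORIGIN},
                 form={"method": "createBundle", "bundleName": "site",
                       "csrf_token": token})
    return {
        "vulnerable_accepts_forged": vulnerable_create_bundle_allowed(session=session, **forged),
        "hardened_accepts_forged": is_state_change_allowed(session=session, **forged),
        "hardened_accepts_legit": is_state_change_allowed(session=session, **legit),
    }


if __name__ == "__main__":
    print(demo())
```

The Origin/Referer check and the token are deliberately both required: the header check alone fails open when a browser omits both headers, and the token alone is defeated if it leaks through some other flaw, so each covers the other's gap.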

OpenCVE Recommended Actions

  • Upgrade to a MuraCMS release later than 10.1.10 as soon as the vendor publishes one that addresses this CVE; the record currently names no fixed version, so confirm the fix in the vendor's release notes rather than assuming the next release closes it.
  • Until then, reduce exposure of the administrator interface: restrict it to trusted source addresses or a VPN, keep administrator sessions short, and have administrators log out of Mura before browsing elsewhere. Marking the admin session cookie SameSite=Lax or Strict stops browser‑initiated cross‑site POSTs in current browsers (Lax still allows a cross‑site top‑level GET), so it is a mitigation, not a fix.
  • Stop bundles from being served: configure the web server to deny HTTP access to the directory where Mura writes site bundles, or relocate that directory outside the web root.
  • Search the web root for existing bundle archives and remove any found; treat their presence as possible evidence of exploitation, rotate the credentials they would expose and reset passwords whose hashes may have been taken.
  • Monitor administrative activity for bundle creations nobody intended, and review web server logs for createBundle requests whose Referer or Origin is missing or points to a foreign site, as well as for downloads of bundle archives by clients other than the administrator.
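
To act on the last two recommendations, here is an added example (not OpenCVE's or Mura's tooling) that scans web server access logs in combined format for the two traces this attack leaves: a createBundle request that arrives via GET or with a missing or foreign Referer, and a later fetch of a bundle archive by a client other than the one that created it. The sample log lines are constructed; the request shape csettings.cfc?method=createBundle and the bundle directory /assets/bundles/ are assumptions standing in for whatever the real installation uses and should be replaced with the paths observed on the target system.

```python
import re
from urllib.parse import urlparse

# Constructed sample access log (Apache/nginx "combined" format). The request
# shape and the bundle directory below are assumptions modelled on the
# component and method named in the CVE description, not captured Mura traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Mar/2026:10:01:12 +0000] "POST /admin/csettings.cfc?method=createBundle HTTP/1.1" 200 512 "https://www.example.com/admin/" "Mozilla/5.0"
203.0.113.7 - - [18/Mar/2026:10:07:45 +0000] "POST /admin/csettings.cfc?method=createBundle HTTP/1.1" 200 512 "https://attacker.example/free-gift.html" "Mozilla/5.0"
203.0.113.7 - - [18/Mar/2026:10:09:03 +0000] "GET /admin/csettings.cfc?method=createBundle&bundleName=all HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [18/Mar/2026:10:12:30 +0000] "GET /assets/bundles/all.zip HTTP/1.1" 200 7340032 "-" "curl/8.4.0"
203.0.113.7 - - [18/Mar/2026:10:15:00 +0000] "GET /admin/?muraAction=cArch.list HTTP/1.1" 200 2048 "https://www.example.com/admin/" "Mozilla/5.0"
"""

# Assumed location bundles are written to; adjust to the real installation.
BUNDLE_DIR = "/assets/bundles/"

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Split one combined-format line into its fields, or None if malformed."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_bundle_creation(path):
    """True for requests aimed at the createBundle method of csettings.cfc."""
    p = path.lower()
    return "csettings.cfc" in p and "createbundle" in p


def referer_host(referer):
    """Host named in the Referer header, or None when it is absent ('-')."""
    if not referer or referer == "-":
        return None
    return urlparse(referer).hostname


def detect(log_text, site_host, bundle_dir=BUNDLE_DIR):
    """Return (timestamp, reason) findings for CSRF-shaped bundle creations and
    for bundle archives fetched by a client that did not create one."""
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    findings = []
    creator_ips = set()
    for rec in records:
        if not is_bundle_creation(rec["path"]):
            continue
        creator_ips.add(rec["ip"])
        host = referer_host(rec["referer"])
        if rec["method"] != "POST":
            findings.append((rec["ts"], f"createBundle via {rec['method']} from {rec['ip']}"))
        elif host is None:
            findings.append((rec["ts"], f"createBundle with no Referer from {rec['ip']}"))
        elif host != site_host:
            findings.append((rec["ts"], f"createBundle with foreign Referer {host} from {rec['ip']}"))
    # Second signal: the archive being collected by someone other than the
    # browser that (legitimately or not) triggered its creation.
    for rec in records:
        p = rec["path"].lower()
        if p.startswith(bundle_dir) and p.endswith(".zip") and rec["ip"] not in creator_ips:
            findings.append((rec["ts"], f"bundle archive {rec['path']} fetched by {rec['ip']}"))
    return findings


if __name__ == "__main__":
    for ts, reason in detect(SAMPLE_LOG, "www.example.com"):
        print(ts, reason)
```

A Referrer‑Policy on the attacker's page can strip the Referer entirely, which is why a missing Referer on a state‑changing admin request is reported as a finding rather than ignored; a legitimate POST from the Mura admin UI carries the site's own host unless the site itself suppresses referrers, in which case tune the rule before relying on it.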

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000
  Title added: MuraCMS CSRF Enables Unauthenticated Data Exfiltration

Fri, 20 Mar 2026 18:15:00 +0000
  CPEs added: cpe:2.3:a:murasoftware:mura_cms:-:*:*:*:*:*:*:*

Thu, 19 Mar 2026 14:15:00 +0000
  Weaknesses added: CWE-352
  Metrics added:
    cvssV3_1: score 6.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
    ssvc (version 2.0.3): Automatable: no, Exploitation: none, Technical Impact: partial

Thu, 19 Mar 2026 09:45:00 +0000
  First time appeared: Murasoftware; Murasoftware mura Cms
  Vendors & Products added: Murasoftware; Murasoftware mura Cms

Wed, 18 Mar 2026 16:15:00 +0000
  Description added: MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerability enables complete data exfiltration including user accounts, password hashes, form submissions, email lists, plugins, and site content without administrator knowledge. This CSRF vulnerability enables complete data exfiltration from MuraCMS installations without requiring authentication. Attackers can force administrators to unknowingly create site bundles containing sensitive data, which are saved to publicly accessible web directories. The attack executes silently, leaving administrators unaware that confidential information has been compromised and is available for unauthorized download.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-19T13:46:12.835Z

Reserved: 2025-08-06T00:00:00.000Z

Link: CVE-2025-55043

Vulnrichment

Updated: 2026-03-19T13:45:10.340Z

NVD

Status: Analyzed

Published: 2026-03-18T16:16:23.427

Modified: 2026-03-20T18:12:06.070

Link: CVE-2025-55043

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-24T10:54:11Z

Weaknesses