Vulnerability in N/a

CVE-2025-55046

MuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in the trash system through a simple CSRF attack. The vulnerable cTrash.empty function lacks CSRF token validatio…

EPSS: 0.000 (6.0th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References