
CVE-2025-5033: Cross-Site Request Forgery in XiaoBingby TeaCMS

Medium
Tags: Vulnerability, CVE-2025-5033
Published: Wed May 21 2025 (05/21/2025, 17:31:08 UTC)
Source: CVE
Vendor/Project: XiaoBingby
Product: TeaCMS

Description

A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/07/2025, 13:12:38 UTC

Technical Analysis

CVE-2025-5033 is a Cross-Site Request Forgery (CSRF) vulnerability identified in XiaoBingby TeaCMS version 2.0.2, specifically within the UserManageController's addUser functionality. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting an unwanted request to a web application in which they are currently authenticated. In this case, the vulnerability resides in an administrative controller responsible for adding users, which means an attacker could potentially cause an authenticated administrator to unknowingly add new users without their consent. The vulnerability is exploitable remotely and does not require prior authentication or privileges, although it does require user interaction (the victim must visit a maliciously crafted webpage). The CVSS 4.0 base score is 5.3 (medium severity), reflecting the fact that the attack vector is network-based, with low attack complexity and no privileges required, but user interaction is necessary. The impact on confidentiality is none, integrity is low (due to unauthorized user addition), and availability is none. No known exploits are currently observed in the wild, and no patches have been linked yet. The vulnerability disclosure is recent (May 21, 2025), and the exploit details have been made public, increasing the risk of exploitation. Given that TeaCMS is a content management system, the addition of unauthorized users could lead to privilege escalation or further compromise if those users gain administrative rights or access sensitive content.
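The mechanism described above, as an added illustration that is not TeaCMS code (TeaCMS is a Java application; this is plain Python over a constructed request model): a state-changing `addUser` handler that trusts the session cookie alone accepts a form post auto-submitted from another site, because the browser attaches the cookie anyway. The hardened form beside it applies the synchronizer-token pattern (a per-session secret rendered into the admin form and checked with a constant-time compare) plus an Origin/Referer check. The `Request` class, `APP_ORIGIN`, the `_csrf` field name and the `X-CSRF-Token` header are assumptions made for the example.

```python
"""Added example: CSRF-exposed user creation beside a synchronizer-token fix.
Not TeaCMS code; request model, origin and field names are constructed."""
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit

# Constructed deployment origin; a real deployment would read this from config.
APP_ORIGIN = "https://cms.example.invalid"


@dataclass
class Request:
    """Stand-in for an HTTP request after the framework has already resolved
    the session cookie to a server-side session dict (an assumption here)."""
    method: str
    headers: Dict[str, str]
    form: Dict[str, str]
    session: dict


def issue_csrf_token(session: dict) -> str:
    """Synchronizer token: one unguessable secret per session, rendered into
    every admin form as a hidden field and required again on submission."""
    token = session.get("csrf_token")
    if token is None:
        token = secrets.token_urlsafe(32)
        session["csrf_token"] = token
    return token


def add_user_unprotected(req: Request) -> Tuple[int, str]:
    """The pattern the advisory describes: a state-changing POST authorised by
    the session cookie alone, so a cross-site form post rides the admin's session."""
    if not req.session.get("is_admin"):
        return 403, "forbidden"
    username = req.form.get("username", "")
    req.session.setdefault("created_users", []).append(username)
    return 200, f"created {username}"


def request_origin(req: Request) -> Optional[str]:
    """Origin of the page that issued the request, falling back to Referer."""
    origin = req.headers.get("Origin")
    if origin:
        return origin
    referer = req.headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        return f"{parts.scheme}://{parts.netloc}"
    return None


def csrf_check(req: Request) -> Optional[str]:
    """Return a rejection reason, or None when the request may proceed."""
    if req.method in ("GET", "HEAD", "OPTIONS"):
        return None  # safe methods must not change state; no token needed
    if request_origin(req) != APP_ORIGIN:
        return "origin mismatch"
    expected = req.session.get("csrf_token")
    supplied = req.form.get("_csrf") or req.headers.get("X-CSRF-Token")
    if not expected or not supplied:
        return "csrf token missing"
    if not hmac.compare_digest(expected, supplied):  # constant-time compare
        return "csrf token invalid"
    return None


def add_user_protected(req: Request) -> Tuple[int, str]:
    """Hardened handler: the same business logic behind the CSRF gate."""
    reason = csrf_check(req)
    if reason is not None:
        return 403, f"rejected: {reason}"
    return add_user_unprotected(req)


def demo() -> Dict[str, int]:
    """Send a legitimate admin submission and a cross-site one through both handlers."""
    session = {"is_admin": True}
    token = issue_csrf_token(session)
    legit = Request("POST", {"Origin": APP_ORIGIN},
                    {"username": "alice", "_csrf": token}, session)
    # Cross-site submission: the browser still sends the admin's cookie (same
    # session dict), but the foreign page cannot read the token and the browser
    # reports its own Origin, so the hardened handler has two reasons to refuse.
    forged = Request("POST", {"Origin": "https://third-party.example.invalid"},
                     {"username": "unexpected_user"}, session)
    return {
        "unprotected_forged": add_user_unprotected(forged)[0],  # 200: accepted
        "protected_forged": add_user_protected(forged)[0],      # 403: rejected
        "protected_legit": add_user_protected(legit)[0],        # 200: accepted
    }


if __name__ == "__main__":
    print(demo())
```

The token check is the control the advisory's first recommendation asks for; the origin check and a `SameSite=Lax` or `Strict` attribute on the session cookie are defence in depth, since each alone has edge cases (proxies that strip Referer, older browsers without SameSite support).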

Potential Impact

For European organizations using TeaCMS 2.0.2, this vulnerability poses a moderate risk. Unauthorized user creation could lead to unauthorized access, privilege escalation, and potential data manipulation or leakage if the newly created users have elevated permissions. This could compromise the integrity of organizational data and content managed by TeaCMS. Since the attack requires user interaction, phishing or social engineering campaigns targeting administrators are likely attack vectors. The impact is particularly significant for organizations relying on TeaCMS for critical content management, such as government agencies, educational institutions, and enterprises with sensitive information. The lack of confidentiality impact reduces the risk of direct data leaks, but integrity violations and potential misuse of added accounts could disrupt operations and trust. The medium severity rating suggests that while the vulnerability is not critical, it should be addressed promptly to prevent exploitation, especially in environments with high-value targets or regulatory compliance requirements like GDPR.

Mitigation Recommendations

1. Immediate mitigation should include implementing CSRF protection mechanisms such as anti-CSRF tokens in all state-changing requests, especially in the addUser functionality.
2. Administrators should be educated and warned about phishing and social engineering risks to avoid inadvertent interaction with malicious links.
3. Restrict administrative access to the TeaCMS backend through network-level controls such as VPNs or IP whitelisting to reduce exposure.
4. Monitor user creation logs closely for suspicious or unauthorized account additions.
5. If possible, disable or restrict the addUser functionality temporarily until a vendor patch is available.
6. Apply the principle of least privilege to all user roles to minimize damage from unauthorized accounts.
7. Regularly update TeaCMS to the latest version once a patch addressing this vulnerability is released.
8. Employ web application firewalls (WAFs) that can detect and block CSRF attack patterns targeting the CMS.
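Recommendation 4 asks for monitoring of user creation. A CSRF-driven creation is indistinguishable from a legitimate one in the application's own audit trail (same admin, same session), but the web server access log usually still carries the Referer of the page that submitted the form. The following added example, not part of this advisory or of TeaCMS, scans constructed Apache/nginx combined-format log lines and flags successful POSTs to the user-creation route whose Referer is absent or from a host other than the CMS. The route `/admin/user/addUser` and the host name are assumptions; the advisory names the controller source file, not the HTTP path.

```python
"""Added example: flag user-creation requests whose Referer is not the CMS.
Not TeaCMS code; the route, host and log lines below are constructed."""
import re
from typing import Dict, Iterable, List, Optional
from urllib.parse import urlsplit

CMS_HOST = "cms.example.invalid"        # constructed host of the deployment
ADD_USER_ROUTE = "/admin/user/addUser"  # assumed URL route, not from the advisory

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: [^"]*)?" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample traffic: a same-site creation, a cross-site one, one with
# no Referer, and a cross-site attempt the server already rejected.
SAMPLE_LOG = [
    '10.0.0.5 - admin [21/May/2025:18:02:11 +0000] "GET /admin/user/list HTTP/1.1" '
    '200 5120 "https://cms.example.invalid/admin" "Mozilla/5.0"',
    '10.0.0.5 - admin [21/May/2025:18:02:40 +0000] "POST /admin/user/addUser HTTP/1.1" '
    '200 312 "https://cms.example.invalid/admin/user/add" "Mozilla/5.0"',
    '10.0.0.5 - admin [21/May/2025:18:15:03 +0000] "POST /admin/user/addUser HTTP/1.1" '
    '200 312 "https://third-party.example.invalid/offer.html" "Mozilla/5.0"',
    '10.0.0.5 - admin [21/May/2025:18:16:27 +0000] "POST /admin/user/addUser HTTP/1.1" '
    '200 312 "-" "Mozilla/5.0"',
    '10.0.0.9 - admin [21/May/2025:18:17:00 +0000] "POST /admin/user/addUser HTTP/1.1" '
    '403 87 "https://third-party.example.invalid/offer.html" "Mozilla/5.0"',
]


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format line into its fields, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def referer_host(referer: str) -> Optional[str]:
    """Host part of the Referer, or None when the browser sent none ("-")."""
    if referer in ("", "-"):
        return None
    return urlsplit(referer).hostname


def flag_cross_site_user_creations(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return one finding per successful user-creation POST that did not
    originate from a page on the CMS itself."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] != "POST" or rec["path"].split("?", 1)[0] != ADD_USER_ROUTE:
            continue
        if not rec["status"].startswith(("2", "3")):
            continue  # a rejected request changed nothing; not a creation
        host = referer_host(rec["referer"])
        if host == CMS_HOST:
            continue  # same-site submission, the expected case
        reason = "missing Referer" if host is None else f"cross-site Referer from {host}"
        findings.append({"time": rec["time"], "ip": rec["ip"],
                         "user": rec["user"], "reason": reason})
    return findings


if __name__ == "__main__":
    for f in flag_cross_site_user_creations(SAMPLE_LOG):
        print(f)
```

Treat the output as a triage lead rather than a verdict: Referrer-Policy settings and some proxies strip the header, so "missing Referer" is a weak signal on its own and should be correlated with the CMS's user-creation audit events and the admin's own account of what they did. Where the reverse proxy can be configured to log the `Origin` header as well, that field is a cleaner discriminator for cross-site form posts.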


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-05-21T11:02:07.195Z
Cisa Enriched
false
Cvss Version
4.0
State
PUBLISHED

Threat ID: 682e0f74c4522896dcc513de

Added to database: 5/21/2025, 5:37:56 PM

Last enriched: 7/7/2025, 1:12:38 PM

Last updated: 8/17/2025, 10:39:25 AM

