CVE-2025-55045 identifies a CSRF vulnerability in the MuraCMS content management system, specifically affecting the updateAddress function in versions through 10.1.10. The core issue is the absence of CSRF token validation in this function, which allows attackers to exploit the trust relationship between an authenticated administrator's browser and the MuraCMS server. By crafting a malicious webpage that automatically submits hidden forms, an attacker can cause the administrator's browser to unknowingly send requests that alter user address data. This includes adding new addresses with attacker-controlled email addresses and phone numbers, modifying existing addresses to redirect communications, or deleting legitimate addresses. The consequences include compromised data integrity, misdirected sensitive communications, disruption of business operations, and increased risk of social engineering attacks leveraging corrupted address information. The attack requires the administrator to be authenticated and to visit the malicious page, but no user interaction beyond page visit is necessary. Although no CVSS score or patches are currently available, the vulnerability is significant due to the potential for unauthorized data manipulation and operational impact. No known exploits have been reported in the wild, but the vulnerability's nature makes it a critical concern for organizations relying on MuraCMS for managing user contact information.

The impact of CVE-2025-55045 is primarily on the integrity and reliability of user address data within affected MuraCMS installations. Unauthorized manipulation of address information can lead to misdirected communications, potentially exposing sensitive data to attackers or third parties. This can compromise user privacy and organizational confidentiality. Additionally, disruption of legitimate business correspondence can result in operational inefficiencies, loss of trust, and reputational damage. The injection of attacker-controlled contact details also facilitates social engineering attacks, increasing the risk of further compromise. Since the vulnerability requires an authenticated administrator to visit a malicious webpage, the scope is limited to organizations with MuraCMS deployments where administrators may be targeted via phishing or drive-by attacks. However, the ease of exploitation without additional user interaction and the potential for persistent data corruption make this a serious threat to organizations worldwide that rely on MuraCMS for content and user management.

To mitigate CVE-2025-55045, organizations should immediately implement CSRF protections on the updateAddress function within MuraCMS, ensuring that all state-changing requests require a valid, unique CSRF token verified server-side. Until an official patch is released, administrators should be advised to avoid visiting untrusted or suspicious websites while logged into MuraCMS administrative accounts. Employing web application firewalls (WAFs) with rules to detect and block CSRF attack patterns can provide additional protection. Organizations should also enforce strict access controls and session management to limit administrator exposure. Monitoring logs for unusual address modification activities can help detect exploitation attempts early. Regular security awareness training for administrators about phishing and social engineering risks is critical to reduce the likelihood of visiting malicious pages. Finally, organizations should track vendor advisories for patches or updates addressing this vulnerability and apply them promptly once available.