Platform: other
Component: prime
Fixed in: 0.4.1
CVE-2025-15550 describes a cross-site request forgery (CSRF, also written XSRF) vulnerability in birkir prime. The GraphQL endpoint performs operations delivered in GET requests without verifying that the request originated from the application itself, so an attacker can craft a URL that makes a logged-in user's browser submit a GraphQL operation under that user's session. Affected versions are 0.0 through 0.4.0.beta.0; the fix metadata above lists 0.4.1 as the fixed version.
A CSRF attack turns a legitimate user's browser into the attacker's request proxy. The attacker places the crafted GET request in a link, a redirect, or a page the victim visits; the browser sends it to the prime endpoint and, because browsers attach cookies to a top-level cross-site GET navigation unless the cookie is marked SameSite=Strict (and, in browsers that do not treat SameSite-less cookies as Lax, to embedded image or script loads as well), the session cookie travels with it. Any operation the victim is authorized to run, including data modification, privilege escalation, and other state-changing mutations, then executes as the victim. The attacker does not see the response, since the same-origin policy blocks reading it, so the damage comes from the side effects of the operation rather than from data read back. The blast radius scales with the victim's privileges: an administrator's session lets the attacker change content, users, or configuration across the whole instance.
CVE-2025-15550 was publicly disclosed on 2026-01-29. No public proof-of-concept exploit is known, and no active campaigns targeting the vulnerability have been reported. The EPSS score listed for it is 0.01% (1st percentile), a low predicted probability of exploitation in the wild. Continued monitoring is recommended.
Organizations and individuals running birkir prime versions 0.0 through 0.4.0.beta.0 are at risk. The exposure is not limited to endpoints facing untrusted networks: the request is issued by the victim's own browser, so an instance reachable only from an intranet is affected whenever a logged-in user also browses other sites. The conditions that matter are that the endpoint authenticates requests by cookie or another ambient credential that the browser attaches automatically, and that it performs state-changing operations in response to GET requests. Input validation and output encoding do not prevent this class of attack; the requests are well-formed and correctly authenticated.
Disclosure: 2026-01-29
Exploit status: no public proof of concept known
EPSS: 0.01% (1st percentile)
CISA SSVC:
CVSS vector:
Upgrade to 0.4.1, the fixed version listed above, or later, and check the release notes to confirm that the CSRF fix for the GraphQL endpoint is included. If you cannot upgrade immediately, mitigate at the HTTP layer rather than with input validation or output encoding, which do not help against CSRF. Effective controls are: refuse state-changing GraphQL operations (mutations) over GET and accept them only via POST; require for every state-changing request either a shape that a browser cannot send cross-site without a CORS preflight (a JSON content type or a custom request header) or an anti-CSRF token bound to the session; set the session cookie with the SameSite attribute; and make sure the CORS policy does not grant credentialed access to arbitrary origins. A WAF rule that blocks GET requests to the GraphQL endpoint whose query string contains a mutation is a stopgap, not a fix. If none of these can be applied before the upgrade, restrict access to the GraphQL endpoint or disable it until the update is in place. Review the permissions granted to GraphQL operations so that a hijacked session can do as little as possible, and look in access logs for GET requests to the endpoint that carry mutation operations or arrive with a cross-site Referer.
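To make both the attack path and the mitigation concrete, here is an added example that is not code from birkir prime or its authors: a framework-independent CSRF gate for a cookie-authenticated GraphQL-over-HTTP endpoint, written in JavaScript as the usual language of a Node-based GraphQL server. The request shape, the header names (it treats X-Requested-With as the application's own custom header), the route, and the sample requests are assumptions made for this example, and it assumes the server's CORS policy does not grant credentialed access to arbitrary origins. It refuses any mutation carried over GET, which is the crafted-link attack described above, and any POST that a browser could send cross-site without a CORS preflight, while still allowing read-only queries over GET and the application's own JSON requests.

```javascript
// Added example, not code from birkir prime: a CSRF gate for a cookie-authenticated
// GraphQL-over-HTTP endpoint. Assumed (hypothetical) request shape:
//   { method, url, headers: { lowercased-name: value }, body }
// A request a browser can send cross-site without a CORS preflight ("simple": GET/HEAD,
// or POST with a form/text content type and no custom header) passes only if it is a
// GET whose document holds nothing but read-only queries. Anything else passes, because
// the browser preflights it and the CORS policy (assumed strict) rejects cross-site callers.

const DEFINITION_KEYWORDS = new Set(['query', 'mutation', 'subscription', 'fragment']);

// Operation type of each top-level definition. Scans at brace/paren depth 0, skipping
// comments and strings so a "mutation" inside a literal is not miscounted. The shorthand
// `{ ... }` is an anonymous query; fragment definitions are not operations.
function topLevelOperationTypes(document) {
  const types = [];
  let depth = 0, kind = null, i = 0; // kind: keyword that opened the current definition
  while (i < document.length) {
    const c = document[i];
    if (c === '#') { // comment runs to end of line
      while (i < document.length && document[i] !== '\n') i++;
      continue;
    }
    if (c === '"') { // "..." with backslash escapes, or block string """..."""
      const block = document.startsWith('"""', i);
      const close = block ? '"""' : '"';
      i += close.length;
      while (i < document.length && !document.startsWith(close, i)) {
        if (!block && document[i] === '\\') i++;
        i++;
      }
      i += close.length;
      continue;
    }
    if (c === '{' || c === '(') {
      if (depth === 0 && c === '{') {
        if (kind === null) types.push('query');         // anonymous shorthand
        else if (kind !== 'fragment') types.push(kind);  // named operation
        kind = null;
      }
      depth++; i++; continue;
    }
    if (c === '}' || c === ')') { depth = Math.max(0, depth - 1); i++; continue; }
    if (/[A-Za-z_]/.test(c)) {
      let j = i + 1;
      while (j < document.length && /[A-Za-z0-9_]/.test(document[j])) j++;
      const word = document.slice(i, j);
      if (depth === 0 && kind === null && DEFINITION_KEYWORDS.has(word)) kind = word;
      i = j; continue;
    }
    i++;
  }
  return types;
}

// Content types a browser may POST cross-site without a preflight ('' = header absent).
const SIMPLE_CONTENT_TYPES = new Set(['application/x-www-form-urlencoded', 'multipart/form-data', 'text/plain', '']);
const contentType = (req) => (req.headers['content-type'] || '').split(';')[0].trim().toLowerCase();

function isSimpleRequest(req) {
  if (req.method === 'GET' || req.method === 'HEAD') return true;
  if (req.method !== 'POST') return false; // PUT, DELETE, ... always preflight
  // Only a header the app's own client sets counts; headers a reverse proxy adds
  // (X-Forwarded-For etc.) must not make a cross-site form post look non-simple.
  return SIMPLE_CONTENT_TYPES.has(contentType(req)) && !('x-requested-with' in req.headers);
}

function extractDocument(req) {
  if (req.method === 'GET' || req.method === 'HEAD') {
    return new URL(req.url, 'http://localhost').searchParams.get('query') || '';
  }
  if (contentType(req) === 'application/json') {
    try {
      const parsed = typeof req.body === 'string' ? JSON.parse(req.body) : req.body;
      return parsed && typeof parsed.query === 'string' ? parsed.query : '';
    } catch { return ''; }
  }
  return typeof req.body === 'string' ? req.body : '';
}

function csrfGate(req) {
  if (!isSimpleRequest(req)) return { allowed: true, reason: 'non-simple request; CORS preflight applies' };
  const ops = topLevelOperationTypes(extractDocument(req));
  const readOnly = ops.length > 0 && ops.every((t) => t === 'query');
  if (req.method === 'GET' && readOnly) return { allowed: true, reason: 'read-only query over GET' };
  const reason = req.method === 'GET' ? 'state-changing or unparsable operation over GET' : 'simple POST without CORS preflight';
  return { allowed: false, reason };
}

// Constructed requests (not captured traffic): the attacker's crafted link versus the
// application's own client call carrying the same mutation.
const MUTATION = 'mutation { deleteUser(id: 1) { id } }';
const attackerLink = { method: 'GET', url: '/graphql?query=' + encodeURIComponent(MUTATION), headers: { cookie: 'session=abc' } };
const appClient = { method: 'POST', url: '/graphql', headers: { 'content-type': 'application/json', cookie: 'session=abc' }, body: JSON.stringify({ query: MUTATION }) };
console.log(csrfGate(attackerLink)); // allowed: false
console.log(csrfGate(appClient));    // allowed: true
```

In a real deployment the gate runs before the GraphQL executor and only on requests to the GraphQL route, and the custom-header check must not be satisfiable by headers a reverse proxy adds. The gate is deliberately conservative: a GET whose document cannot be parsed into operations is refused rather than passed through. It complements, and does not replace, a SameSite session cookie and a strict CORS policy.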
CVE-2025-15550 is a cross-site request forgery (CSRF) vulnerability affecting birkir prime versions 0.0 through 0.4.0.beta.0. It lets an attacker make a logged-in user's browser perform unauthorized GraphQL operations by means of crafted GET requests to the GraphQL endpoint.
Yes, if you run birkir prime versions 0.0 through 0.4.0.beta.0 and users log in to it from a browser, you are potentially affected, whether the endpoint is reachable from the internet or only from an internal network.
Upgrade to 0.4.1, the fixed version listed above. Until you can, reject mutations over GET, require a non-simple request (JSON content type or a custom header) or an anti-CSRF token for state-changing operations, set the SameSite attribute on the session cookie, and, as a stopgap, block GET requests carrying mutations at the WAF.
Currently, there are no confirmed reports of active exploitation, but vigilance and proactive mitigation are still recommended.
Refer to the birkir prime project's official website or repository for updates and advisories related to CVE-2025-15550.