Platform: other
Component: prime
Fixed in: 0.4.1
CVE-2025-15550 describes a cross-site request forgery (CSRF, also written XSRF) vulnerability in birkir prime. The GraphQL endpoint executes operations carried in GET requests, so an attacker can craft a URL whose query string contains a GraphQL mutation and have a logged-in user's browser submit it, with that user's session cookies attached, to perform actions as that user. The vulnerability affects versions 0.0 through 0.4.0.beta.0; the header above records 0.4.1 as the fixed version.
The flaw lets an attacker make a legitimate user execute actions without knowing it. Because the endpoint honours mutations passed as GET query parameters, a link on an attacker-controlled page is enough: the victim's browser issues the GET as a top-level navigation, attaches the session cookie and sends no Origin header, and a SameSite=Lax cookie is still attached to such a navigation, so the cookie attribute alone does not close the hole. The request runs with the victim's permissions, so the impact is whatever mutations that session is authorised to call, such as changing content or account data. If an administrator is targeted, the attacker effectively gains administrative control of the CMS.
CVE-2025-15550 was publicly disclosed on 2026-01-29. No public proof-of-concept exploit is known and no active campaigns have been reported. The EPSS score is 0.01% (1st percentile). Continued monitoring is recommended.
Organizations and individuals running birkir prime versions 0.0 through 0.4.0.beta.0 are at risk. The deciding factor is not whether the GraphQL endpoint is reachable from untrusted networks but whether users authenticate to it with browser-managed cookies: the forged request is sent by the victim's own browser, so an internal-only deployment remains exposed as long as a logged-in user can be lured to an attacker-controlled page.
Exploit status: disclosure (no public proof of concept)
EPSS: 0.01% (1st percentile)
CISA SSVC: not listed
CVSS vector: not listed
Until the fixed build is deployed, the mitigations that actually address CSRF are the following. Stop executing mutations received over GET: serve GET only for read-only queries, or disable GET on the GraphQL endpoint entirely. Accept mutations only as POST with Content-Type application/json and reject the "simple" content types an HTML form can send (application/x-www-form-urlencoded, multipart/form-data, text/plain), so that a cross-site POST cannot reach the resolver without a CORS preflight. Check the Origin header (falling back to Referer) against an allow-list of your own origins. Set session cookies with the SameSite attribute and require an anti-CSRF token on mutations. Input validation and output encoding are controls against injection and XSS, not CSRF, and will not prevent this attack. A web application firewall rule that blocks GET requests to the GraphQL endpoint whose query parameter contains a mutation is a reasonable compensating control. Review which mutations each role can call to limit the blast radius, and search access logs for GET requests to the endpoint carrying mutations, since legitimate clients will normally send those as POST.
Upgrade to 0.4.1 (the fixed version recorded above) or later, and check the release notes to confirm that the CSRF fix for the GraphQL endpoint is included. If a fixed build cannot be deployed yet, disable GET handling on the GraphQL endpoint or restrict access to it until the update is in place.
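The following is an added example, not code from the Prime project, that puts the attack described above and the mitigations in the previous paragraph into one runnable check: a request policy that refuses state-changing GraphQL operations over GET, accepts mutations only as JSON POST, and rejects cross-site Origins. The endpoint path, the deployment origin https://cms.example and the mutation name updateUser are assumptions for illustration and do not come from the advisory.

```javascript
// Added example, not code from the Prime project: a request-policy check that
// closes the CSRF class described for CVE-2025-15550 (mutations accepted over
// GET) and the form-POST variant. Assumptions not taken from the advisory:
// the endpoint is /graphql, sessions ride on browser cookies, the deployment
// origin is https://cms.example, and the mutation name "updateUser" is
// hypothetical.

const ALLOWED_ORIGINS = new Set(['https://cms.example']);
const OPERATION_KEYWORDS = new Set(['query', 'mutation', 'subscription']);

// Return the set of top-level operation types in a GraphQL document.
// Strings and comments are blanked first so that a word inside a string
// cannot masquerade as a keyword, and only a `{` at nesting depth 0 opens an
// operation, so a field that happens to be named `mutation` is not counted.
function operationTypes(document) {
  const stripped = document
    .replace(/"""[\s\S]*?"""/g, '""')     // block strings
    .replace(/"(?:\\.|[^"\\])*"/g, '""')  // ordinary strings
    .replace(/#[^\n\r]*/g, '');           // comments
  const types = new Set();
  let brace = 0, paren = 0, word = '', firstWord = null;
  for (const ch of stripped + ' ') {      // trailing space flushes the last word
    if (/[A-Za-z0-9_]/.test(ch)) { word += ch; continue; }
    if (word !== '') {
      // first bare word after the previous top-level `}` is the operation keyword
      if (brace === 0 && paren === 0 && firstWord === null) firstWord = word;
      word = '';
    }
    if (ch === '(') paren++;
    else if (ch === ')') paren--;
    else if (ch === '{') {
      if (brace === 0 && paren === 0) {
        if (firstWord === null) types.add('query');                      // `{ ... }` shorthand
        else if (OPERATION_KEYWORDS.has(firstWord)) types.add(firstWord); // `fragment` is ignored
        firstWord = null;
      }
      brace++;
    } else if (ch === '}') brace--;
  }
  return types;
}

// Decide whether a GraphQL request may execute. `req` is a plain object with
// method, headers (lower-case names), query (parsed URL query string) and body,
// so the check runs outside any web framework; in practice mount it in front
// of the GraphQL handler. Returns { allowed, reason }.
function checkGraphqlRequest(req) {
  const method = req.method.toUpperCase();
  // Browsers send Origin on cross-site POSTs; a value outside the allow-list
  // is a cross-site request. Top-level GET navigations send no Origin at all,
  // which is why the GET rule below cannot rely on it.
  const origin = req.headers['origin'];
  if (origin !== undefined && !ALLOWED_ORIGINS.has(origin)) {
    return { allowed: false, reason: `origin ${origin} not allowed` };
  }
  if (method === 'GET') {
    const doc = req.query && req.query.query;
    if (typeof doc !== 'string') return { allowed: false, reason: 'GET without a query' };
    const types = operationTypes(doc);
    if (types.has('mutation') || types.has('subscription')) {
      return { allowed: false, reason: 'state-changing operations are not accepted over GET' };
    }
    return { allowed: true, reason: 'read-only query over GET' };
  }
  if (method === 'POST') {
    // Only application/json is accepted. HTML forms can post only the "simple"
    // types (urlencoded, multipart, text/plain) without a CORS preflight, so
    // refusing those leaves no way to forge a mutation from another site.
    const ct = (req.headers['content-type'] || '').split(';')[0].trim().toLowerCase();
    if (ct !== 'application/json') {
      return { allowed: false, reason: `content type ${ct || '(none)'} not accepted` };
    }
    return { allowed: true, reason: 'JSON POST' };
  }
  return { allowed: false, reason: `method ${method} not supported` };
}

// Constructed requests (not captured traffic). The first models the advisory's
// vector: a link the logged-in victim opens, so cookies are attached and no
// Origin header is present.
const forgedGet = {
  method: 'GET', headers: {},
  query: { query: 'mutation { updateUser(id: 1, role: "admin") { id } }' },
};
const legitimateGet = {
  method: 'GET', headers: {},
  query: { query: '{ search(term: "mutation") { id } }' },
};
const forgedFormPost = {
  method: 'POST',
  headers: { origin: 'https://attacker.example', 'content-type': 'text/plain' },
  body: '{"query":"mutation { updateUser(id: 1, role: \\"admin\\") { id } }"}',
};

for (const r of [forgedGet, legitimateGet, forgedFormPost]) {
  console.log(r.method, checkGraphqlRequest(r));
}
```

The GET rule is the one that matters for this CVE: a SameSite=Lax cookie still travels with a clicked link, and no Origin header accompanies a top-level navigation, so neither cookie attributes nor Origin checks can substitute for refusing to execute mutations over GET. The content-type rule covers the sibling case of a cross-site HTML form posting to the endpoint. Keeping the keyword scan at nesting depth 0 avoids false rejections of legitimate read-only queries that merely contain the word "mutation" in a string or field name.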
CVE-2025-15550 is a cross-site request forgery (XSRF) vulnerability affecting birkir prime versions 0.0 - 0.4.0.beta.0, allowing attackers to perform unauthorized actions via malicious GET requests to the GraphQL endpoint.
Yes, if you run birkir prime versions 0.0 through 0.4.0.beta.0 and users sign in to the GraphQL endpoint with browser session cookies. The endpoint does not have to be reachable from the internet, because the forged request is sent by the victim's own browser.
Upgrade to 0.4.1 or later. Until then, reject mutations sent over GET (or disable GET on the endpoint entirely), accept mutations only as POST with Content-Type application/json, check the Origin header against an allow-list, set session cookies with the SameSite attribute, and require an anti-CSRF token on mutations.
Currently, there are no confirmed reports of active exploitation, but vigilance and proactive mitigation are still recommended.
Refer to the birkir prime project's official website or repository for updates and advisories related to CVE-2025-15550.