Security Advisory

CVE-2025-48740

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-23 00:00:00

Last updated 2025-05-23 21:18:48

Assigner mitre

State PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows a remote attacker to trigger requests on their victims behalf, if the attacker lures a privileged user, authenticated with basic authentication.

← Browse all CVEs View on cve.org ↗