Medium severityNVD Advisory· Published May 23, 2025· Updated Jun 17, 2026
CVE-2025-48740
CVE-2025-48740
Description
A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows a remote attacker to trigger requests on their victim's behalf, if the attacker lures a privileged user, authenticated with basic authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.2.16, <5.3.11, <5.4.10, <5.5.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.