BLU-IC2 and BLU-IC4 Cross-Site Request Forgery Vulnerability

Vulnerability

A vulnerability exists in BLU-IC2 and BLU-IC4 applications, both through version 1.19.5, due to a systemic failure to implement Cross-Site Request Forgery (CSRF) tokens. This lack of proper tokenization creates a security risk by allowing potential CSRF attacks, where an attacker could trick a user into performing actions they did not intend to.

Impact

The absence of CSRF token implementation leaves users vulnerable to Cross-Site Request Forgery attacks, where an attacker could exploit the user's session to perform unauthorized actions.

Added: Oct 29, 2025, 5:30 PM

Updated: Oct 29, 2025, 5:30 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.0

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.0

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BLU-IC2 and BLU-IC4 Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating