CVE-2025-27912: An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when (1) Entra ID or OpenID Connect...
Description
An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when (1) Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or (2) when username/password or Active Directory authentication is in use and a user visits a compromised/malicious site under the same effective top-level domain as the Seq server. Exploitation of the vulnerability allows the attacker to conduct impersonation attacks and perform actions in Seq on behalf of the targeted user.
Classification
CVE ID: CVE-2025-27912
CVSS Base Severity: HIGH
CVSS Base Score: 8.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Problem Types
CWE-352 Cross-Site Request Forgery (CSRF)Affected Products
Vendor: Datalust
Product: Seq
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.03% (probability of being exploited)
EPSS Percentile: 5.82% (scored less or equal to compared to others)
EPSS Date: 2025-04-09 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-27912https://datalust.co/seq
https://github.com/datalust/seq-tickets/issues/2366