CVE-2024-25808 | Lychee 3.1.6 Create New Album cross-site request forgery (Issue 17)

Inserito da Angelo Barbosa | Mar 22, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Lychee 3.1.6. Affected is an unknown function of the component Create New Album Handler. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-25808. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-25808 | Lychee 3.1.6 Create New Album cross-site request forgery (Issue 17)

Post correlati

CVE-2023-48745 | Captcha Code Plugin up to 2.8 on WordPress CAPTCHA Page access control

CVE-2024-45245 | Diebold Nixdorf Vynamic View up to 5.9.4 information disclosure

CVE-2024-7185 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx buffer overflow

CVE-2024-22550 | ShopSite 14.0 SVG File /alsdemo/ss/mediam.cgi unrestricted upload (ID 176312)