CVE-2024-22424 | argocd up to 2.7.14/2.8.7/2.9.3/2.10-rc1 Setting cross-site request forgery (ID 2496)

Inserito da Angelo Barbosa | Gen 19, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in argocd up to 2.7.14/2.8.7/2.9.3/2.10-rc1. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery.

The identification of this vulnerability is CVE-2024-22424. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22424 | argocd up to 2.7.14/2.8.7/2.9.3/2.10-rc1 Setting cross-site request forgery (ID 2496)

Post correlati

CVE-2024-4225 | DPS Telecom NetGuardian DIN Remote Telemetry Unit 2.0D.0062 Web Interface cross site scripting

CVE-2024-20914 | Oracle ZFS Storage Appliance Kit 8.8 Core information disclosure

CVE-2024-40547 | Sanluan PublicCMS 4.0.202302.e replace Privilege Escalation

CVE-2024-0301 | fhs-opensource iparking 1.5.22.RELEASE PayTempOrderAction.java getData sql injection