CVE-2024-32863 | Johnson Controls exacqVision Web Service up to 24.03 cross-site request forgery (icsa-24-214-03)

Inserito da Angelo Barbosa | Ago 1, 2024 | CVE

A vulnerability has been found in Johnson Controls exacqVision Web Service up to 24.03 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery.

This vulnerability is known as CVE-2024-32863. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-32863 | Johnson Controls exacqVision Web Service up to 24.03 cross-site request forgery (icsa-24-214-03)

Post correlati

CVE-2024-24815 | CKeditor4 up to 4.23.x HTML Parsing Module cross site scripting (GHSA-fq6h-4g8v-qqvm)

CVE-2024-31556 | Reportico Web up to 8.0.x Session ID Local Privilege Escalation

CVE-2024-10345 | Helix Core up to 2024.1 shutdown resource consumption

CVE-2024-8719 | Flexmls IDX Plugin up to 3.14.22 on WordPress cross site scripting