CVE-2024-38293 | ALCASAR up to 3.6.0 activity.php cross-site request forgery

Inserito da Angelo Barbosa | Giu 13, 2024 | CVE

A vulnerability was found in ALCASAR up to 3.6.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file activity.php. The manipulation leads to cross-site request forgery.

This vulnerability is handled as CVE-2024-38293. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38293 | ALCASAR up to 3.6.0 activity.php cross-site request forgery

Post correlati

CVE-2024-26143 | Ruby on Rails up to 7.0.8.0/7.1.3.0 cross site scripting (GHSA-9822-6m93-xqf4)

CVE-2024-2408 | PHP up to 8.1.28/8.2.19/8.3.7 on Windows PKCS1 Padding openssl_private_decrypt Marvin Attack information exposure (GHSA-hh26-4ppw-5864)

CVE-2024-43438 | Moodle Feedback Non-Respondents Report resource injection

CVE-2024-33974 | Janobe School Attendance Monitoring System 1.0 /report/printlogs.php Users sql injection