CVE-2024-4592 | DedeCMS 5.7 sys_group_edit.php cross-site request forgery

Inserito da Angelo Barbosa | Mag 7, 2024 | CVE

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/sys_group_edit.php. The manipulation leads to cross-site request forgery.

This vulnerability was named CVE-2024-4592. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4592 | DedeCMS 5.7 sys_group_edit.php cross-site request forgery

Post correlati

CVE-2024-30620 | Tenda AX1803 1.0.0.1 /goform/AdvSetMacMtuWan fromAdvSetMacMtuWan serviceName stack-based overflow

CVE-2024-2333 | CodeAstro Membership Management System 1.0 /add_members.php fullname sql injection

CVE-2024-4035 | Photo Gallery plugin up to 2.7.7.21 on WordPress cross site scripting

CVE-2024-29800 | timber prior 2.1.0 deserialization