CVE-2024-4592 | DedeCMS 5.7 sys_group_edit.php cross-site request forgery

Posted by Angelo Barbosa | May 7, 2024 | CVE

A vulnerability classified as problematic was found in DedeCMS 5.7. This vulnerability affects unknown code of the file /src/dede/sys_group_edit.php. The manipulation leads to cross-site request forgery.

This vulnerability was named CVE-2024-4592. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4592 | DedeCMS 5.7 sys_group_edit.php cross-site request forgery

Related Posts

CVE-2024-37211 | Ali2Woo Lite Plugin up to 3.3.5 on WordPress cross site scripting

CVE-2023-45593 | AiLux imx6 up to 1.0.7-1 protection mechanism

CVE-2024-43339 | WebinarPress Plugin up to 1.33.20 on WordPress cross-site request forgery

CVE-2024-8408 | Linksys WRT54G 4.21.5 POST Parameter /apply.cgi validate_services_port services_array stack-based overflow