CVE-2024-39326 | National Security Agency skills-service up to 2.12.5 video cross-site request forgery

Posted by Angelo Barbosa | Jul 2, 2024 | CVE

A vulnerability classified as problematic has been found in National Security Agency skills-service up to 2.12.5. Affected is an unknown function of the file /admin/projects/{projectname}/skills/{skillname}/video. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-39326. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39326 | National Security Agency skills-service up to 2.12.5 video cross-site request forgery

Related Posts

CVE-2024-30690 | ROS2 Galactic Geochelone Node injection

CVE-2023-50292 | Apache Solr up to 8.11.2/9.2.x permission assignment

CVE-2024-43180 | IBM Concert 1.0 cookie missing secure attribute (XFDB-351213)

CVE-2024-32287 | Tenda W30E 1.0.1.25(633) fromqossetting qos stack-based overflow