CVE-2024-2134 | Bdtask Hospita AutoManager up to 20240223 Investigation Report /investigation/delete/ cross-site request forgery

Posted by Angelo Barbosa | Mar 2, 2024 | CVE

A vulnerability has been found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. This vulnerability affects unknown code of the file /investigation/delete/ of the component Investigation Report Handler. The manipulation leads to cross-site request forgery.

This vulnerability was named CVE-2024-2134. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2134 | Bdtask Hospita AutoManager up to 20240223 Investigation Report /investigation/delete/ cross-site request forgery

Related Posts

CVE-2024-7000 | Google Chrome up to 126.0.6478.182 CSS use after free

CVE-2024-41175 | Beckhoff IPC Diagnostics Package/TwinCAT BSD allocation of resources (VDE-2024-049)

CVE-2024-45187 | Mage AI privileges assignment (jfsa-2024-0010)

CVE-2024-30586 | Tenda FH1202 1.2.0.14(408) /goform/WifiBasicSet formWifiBasicSet security_5g stack-based overflow