CVE-2024-12760
CVSS 3.0 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-12760 is a newly discovered open redirect vulnerability affecting version 1.3.9 of the bentoml/bentoml package. An unauthenticated attacker can craft a malicious URL that, when visited by an unsuspecting user, redirects them to an arbitrary website. Because the link starts at a host the user trusts, the redirect can be used for phishing, malware distribution, and credential theft: users may be manipulated into trusting fake websites, installing malware, or revealing sensitive information. Users are strongly urged to update their bentoml/bentoml package to a patched version as soon as possible to mitigate this risk.