CVSS 3.1 Score 4.3 of 10 (medium)


Published Mar 21, 2024
CWE ID 352


CVE-2024-2748 is a Cross-Site Request Forgery (CSRF) vulnerability that affected GitHub Enterprise Server version 3.12.0. This vulnerability allowed an attacker to perform unauthorized actions on behalf of an unsuspecting user, but it required user interaction. The issue was fixed in GitHub Enterprise Server version 3.12.1. The vulnerability was reported through the GitHub Bug Bounty program and had a base severity rating of MEDIUM.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2748 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options