CVE-2024-31372
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-31372 represents a Cross-Site Request Forgery (CSRF) vulnerability identified in Arnan de Gans No-Bot Registration. Affecting versions from n/a to 1.9.1, this issue allows an attacker to force an authenticated user to perform unwanted actions within the application, potentially resulting in data manipulation or unauthorized access. By exploiting this CSRF flaw, an adversary can craft malicious requests to be executed by the victim's web browser when they navigate to a specially crafted website, jeopardizing the confidentiality and integrity of the affected system.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.