CVE-2024-35451
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Summary
CVE-2024-35451 is a vulnerability affecting LinkStack versions 2.7.9 through 4.7.7. This issue permits Server-Side Request Forgery (SSRF) attacks against the favicon.blade.php component. An attacker could exploit this vulnerability by crafting a malicious link that, when processed by an affected application, would initiate an unintended HTTP request. This could potentially lead to the disclosure of internal information or allow the attacker to perform unauthorized actions within the targeted system. The vulnerability poses a significant risk to organizations using LinkStack and emphasizes the importance of keeping software up-to-date to mitigate known security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.