CVE-2024-37102
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Summary
CVE-2024-37102 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Blossom Themes Vilva, specifically versions from n/a to 1.2.2. A CSRF attack tricks a user into unintentionally executing unwanted actions on a website they are currently authenticated to. In this instance, an attacker could exploit the flaw to perform unauthorized actions on the victim's behalf. This poses a significant security risk, as the user may not be aware of the malicious request. It is essential for Vilva users to update their software to a version free from this vulnerability to mitigate risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.