CVE-2024-38873
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Jun 21, 2024
Updated: Jul 3, 2024
CWE ID 284
Summary
CVE-2024-38873 is a vulnerability affecting the friendlycaptcha_official extension before version 0.1.4 for TYPO3. This issue permits a remote user to bypass the captcha check in submitted form data for the ext:form extension, as the extension fails to verify the requirement of the captcha field. This weakness, if exploited, could lead to unauthorized access or data manipulation in systems utilizing the vulnerable extension. Users are advised to update to the latest version of friendlycaptcha_official to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share