CVE-2024-42623
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-42623 is a newly disclosed vulnerability affecting FrogCMS version 0.9.5. This issue involves a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to deceitfully trick a user into making unintended actions on a web application, such as deleting content. Specifically, this vulnerability can be exploited through the /admin/?/layout/delete/1 endpoint. Successful exploitation of this CSRF weakness could result in unauthorized deletions, potentially leading to data loss or other significant consequences. It is essential for FrogCMS users running version 0.9.5 to apply the necessary patch or update as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.