CVE-2024-42627

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 12, 2024
Updated: Aug 13, 2024
CWE ID 352

Summary

CVE-2024-42627 is a newly disclosed Cross-Site Request Forgery (CSRF) vulnerability affecting FrogCMS version 0.9.5. An attacker can exploit this issue by sending a maliciously crafted request to a user, leading them to perform unintended actions within the application's admin panel, such as deleting snippets, without their knowledge or consent. This may result in data loss or unauthorized modifications to the affected system. Users are advised to upgrade to the latest FrogCMS version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share