CVE-2024-42627
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 12, 2024
Updated: Aug 13, 2024
CWE ID 352
Summary
CVE-2024-42627 is a newly disclosed Cross-Site Request Forgery (CSRF) vulnerability affecting FrogCMS version 0.9.5. An attacker can exploit this issue by sending a maliciously crafted request to a user, leading them to perform unintended actions within the application's admin panel, such as deleting snippets, without their knowledge or consent. This may result in data loss or unauthorized modifications to the affected system. Users are advised to upgrade to the latest FrogCMS version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share