CVE-2024-42631
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 12, 2024
Updated: Aug 13, 2024
CWE ID 352
Summary
CVE-2024-42631: A Cross-Site Request Forgery (CSRF) vulnerability has been identified in FrogCMS version 0.9.5. Attackers can exploit this flaw by making unauthorized requests to the /admin/?/layout/edit/1 endpoint, potentially leading to the modification or deletion of administrative settings without the user's consent. Users are advised to update to the latest FrogCMS version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share