CVE-2024-52446

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 20, 2024

Updated: Nov 21, 2024

CWE ID 352

Summary

CVE-2024-52446 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Buying Buddy IDX CRM. This issue permits an attacker to inject objects into the targeted system, potentially leading to unintended actions or data manipulation. Buying Buddy IDX CRM versions from n/a to 1.1.12 are reportedly vulnerable. This vulnerability can be exploited to carry out malicious actions on behalf of an unsuspecting user, jeopardizing their data and potentially the entire organization's security. Affected organizations should immediately update to the latest, secure version of the CRM to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0a0n8P
https://www.cve.org/CVERecord?id=CVE-2024-52446
https://nvd.nist.gov/vuln/detail/CVE-2024-52446

Back to Vulnerability Database

CVE-2024-52446

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations