CVE-2024-53799

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 6, 2024
CWE ID 862

Summary

CVE-2024-53799 is a newly disclosed vulnerability affecting BAKKBONE Australia's FloristPress software. This missing authorization issue arises due to incorrectly configured access control security levels, enabling unauthorized exploitation. It impacts FloristPress versions from n/a to 7.3.0. Unauthorized users may gain unintended access to critical functionalities, potentially leading to serious data breaches or system compromise. Users are advised to update their FloristPress software as soon as a patch becomes available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share