CVE-2024-54205

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 6, 2024
CWE ID 352

Summary

CVE-2024-54205 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Paloma Widget. This issue allows unauthorized users to submit malicious requests on behalf of a victim, potentially leading to unintended actions or data modifications. The Paloma Widget, with versions from n/a through 1.14, is vulnerable to this attack. Users are advised to update the affected software as soon as possible to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share