CVE-2024-54205
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Dec 6, 2024
CWE ID 352
Summary
CVE-2024-54205 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Paloma Widget. This issue allows unauthorized users to submit malicious requests on behalf of a victim, potentially leading to unintended actions or data modifications. The Paloma Widget, with versions from n/a through 1.14, is vulnerable to this attack. Users are advised to update the affected software as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share