CVE-2024-54388

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 352

Summary

CVE-2024-54388 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Multiple Admin Emails, from an unknown version through 1.0. An attacker can exploit this issue by deceiving a user into performing an unwanted action on their own site, leading to potential data manipulation or unauthorized access. This vulnerability poses a serious risk, as it can bypass same-origin policy restrictions, enabling attackers to hijack user sessions and execute malicious activities. It is essential for users to update their Multiple Admin Emails installation to a secure version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1KJ1-d
https://www.cve.org/CVERecord?id=CVE-2024-54388
https://nvd.nist.gov/vuln/detail/CVE-2024-54388

Back to Vulnerability Database

CVE-2024-54388

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations