CVE-2024-56206

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 31, 2024
CWE ID 352

Summary

CVE-2024-56206 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Amarjeet Amar product, specifically the gap-hub-user-role component. This issue permits an attacker to perform authentication bypass, potentially gaining unauthorized access to user accounts. Users of versions 3.4.1 and below are vulnerable to this attack. CSRF vulnerabilities allow attackers to trick users into making unintended actions on a web application, posing a significant security risk. It is crucial that affected users upgrade to a secure version of the product as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share