CVE-2024-7367

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 1, 2024
Updated: Aug 9, 2024
CWE ID 352

Summary

CVE-2024-7367 is a newly disclosed vulnerability affecting the SourceCodester Simple Realtime Quiz System 1.0. This issue, classified as problematic, resides in the /ajax.php?action=save_user file. An attacker can exploit this vulnerability to perform cross-site request forgery, allowing them to initiate unintended actions on behalf of other users. The exploit has been made public, increasing the risk of this vulnerability being exploited in the wild. Users of the SourceCodester Simple Realtime Quiz System are strongly advised to apply the necessary patches or updates to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Simple Realtime Quiz System

Affected Vendors

  • Sourcecodester