CVE-2024-0545

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jan 15, 2024
Updated: May 17, 2024
CWE ID 601

Summary

CVE-2024-0545 is a newly disclosed vulnerability affecting the CodeCanyon RISE Rise Ultimate Project Manager version 3.5.3. The issue lies within the /index.php/signin file and involves a problematic open redirect functionality. An attacker can take advantage of this vulnerability by manipulating the redirect argument with a malicious URL (e.g., http://evil.com). The exploit can be initiated remotely, posing a significant threat to unsuspecting users. VDB-250714 is the assigned identifier for this vulnerability, and the exploit has already been made public.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share