CVE-2024-22643

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jan 30, 2024

Updated: Feb 3, 2024

CWE ID 352

Summary

CVE-2024-22643 is a Cross-Site Request Forgery (CSRF) vulnerability affecting SEO Panel version 4.10.0. This issue allows remote attackers to trick users into making unintended actions on the affected website, specifically resetting user passwords without the users' knowledge or consent. Successful attacks can lead to unauthorized access, potentially compromising sensitive data. Users of SEO Panel version 4.10.0 are strongly advised to update to a patched version immediately to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uGxgwc
https://www.cve.org/CVERecord?id=CVE-2024-22643
https://nvd.nist.gov/vuln/detail/CVE-2024-22643

Back to Vulnerability Database

CVE-2024-22643

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations