CVE-2024-27968

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Mar 21, 2024

CWE ID 352

Summary

CVE-2024-27968 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Super Page Cache for Cloudflare, from versions n/a through 4.7.5. An attacker can exploit this issue to perform Stored XSS (Cross-Site Scripting) attacks on unsuspecting users. The CSRF flaw enables the execution of malicious scripts when a user visits a specially crafted webpage, potentially leading to data theft or unauthorized actions. This vulnerability poses a significant risk and requires immediate attention and patching from Cloudflare users running affected versions of Super Page Cache.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/u94nOQ
https://www.cve.org/CVERecord?id=CVE-2024-27968
https://nvd.nist.gov/vuln/detail/CVE-2024-27968

Back to Vulnerability Database

CVE-2024-27968

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations