CVE-2024-30541

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Mar 31, 2024

Updated: Apr 1, 2024

CWE ID 352

Summary

CVE-2024-30541 is a Cross-Site Request Forgery (CSRF) vulnerability affecting LWS Optimize. This issue allows an attacker to manipulate a user's browser into making unintended actions on a web application, such as modifying their account settings or transferring funds. LWS Optimize versions from n/a through 1.9.1 are reportedly impacted by this vulnerability. Successful exploitation of this CSRF weakness could result in significant data loss or unauthorized access to affected systems. Users are advised to update to the latest version of LWS Optimize as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vHvgZ7
https://www.cve.org/CVERecord?id=CVE-2024-30541
https://nvd.nist.gov/vuln/detail/CVE-2024-30541

Back to Vulnerability Database

CVE-2024-30541

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations