CVE-2024-31372

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 12, 2024

CWE ID 352

Summary

CVE-2024-31372 represents a Cross-Site Request Forgery (CSRF) vulnerability identified in Arnan de Gans No-Bot Registration. Affecting versions from n/a to 1.9.1, this issue allows an attacker to force an authenticated user to perform unwanted actions within the application, potentially resulting in data manipulation or unauthorized access. By exploiting this CSRF flaw, an adversary can craft malicious requests to be executed by the victim's web browser when they navigate to a specially crafted website, jeopardizing the confidentiality and integrity of the affected system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vVzDqt
https://www.cve.org/CVERecord?id=CVE-2024-31372
https://nvd.nist.gov/vuln/detail/CVE-2024-31372

Back to Vulnerability Database

CVE-2024-31372

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations