CVE-2024-31373

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Apr 15, 2024

CWE ID 352

Summary

CVE-2024-31373 represents a Cross-Site Request Forgery (CSRF) vulnerability in e2pdf, a specific version of the software ranging from n/a to 1.20.27. This weakness allows malicious actors to trick users into performing unintended actions on the affected system by manipulating their browsers to submit malicious requests on their behalf. CSRF attacks can lead to data theft, unauthorized modifications, and other unwanted consequences. Users and organizations are strongly advised to update their e2pdf installations to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vZd9bf
https://www.cve.org/CVERecord?id=CVE-2024-31373
https://nvd.nist.gov/vuln/detail/CVE-2024-31373

Back to Vulnerability Database

CVE-2024-31373

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations