CVE-2024-33651

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Apr 26, 2024

CWE ID 352

Summary

CVE-2024-33651 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Matthew Fries MF Gig Calendar from version n/a through 1.2.1. This issue allows an attacker to manipulate a user's session unknowingly, leading to unintended actions on the affected calendar. An attacker could modify or delete events, causing disruptions and potential data loss. Users are encouraged to update to a secure version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vmgwjg
https://www.cve.org/CVERecord?id=CVE-2024-33651
https://nvd.nist.gov/vuln/detail/CVE-2024-33651

Back to Vulnerability Database

CVE-2024-33651

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations