CVE-2024-4537

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published May 7, 2024

CWE ID 639

Summary

CVE-2024-4537 is an Identity Overflow (IDOR) vulnerability discovered in Janto Ticketing Software version 4.3r10. This issue allows a remote user to manipulate the application's parameters, enabling them to access another user's ticket download URL and obtain unauthorized access to their purchased ticket. This security weakness could potentially lead to data breaches and unauthorized ticket usage, posing a significant risk to organizations using the affected software. It's essential to patch the vulnerability as soon as possible to prevent potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vynaZI
https://www.cve.org/CVERecord?id=CVE-2024-4537
https://nvd.nist.gov/vuln/detail/CVE-2024-4537

Back to Vulnerability Database

CVE-2024-4537

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations