PT-2024-19541 · Unknown · Form Tools
Cupc4K3
+1
·
Published
2024-04-11
·
Updated
2024-11-04
·
CVE-2024-22721
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Form Tools version 3.1.1
Description
A Cross Site Request Forgery (CSRF) issue allows attackers to manipulate sensitive user data via a crafted link. This can lead to unauthorized access and modification of user information.
Recommendations
For Form Tools version 3.1.1, consider implementing proper CSRF token validation to prevent attackers from manipulating user data via crafted links. As a temporary workaround, restrict access to sensitive user data until a patch is available.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Form Tools