CVE-2024-23736

Name of the Vulnerable Software and Affected Versions savignano S/Notify versions prior to 4.0.2 for Confluence

Description A Cross Site Request Forgery (CSRF) issue allows attackers to manipulate a user's S/MIME certificate or PGP key via malicious links or emails.

Recommendations For versions prior to 4.0.2, update to version 4.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive user settings until the update is applied. Avoid clicking on suspicious links or opening malicious emails to minimize the risk of exploitation.