CVE-2024-24524

Name of the Vulnerable Software and Affected Versions flusity-CMS version 2.33

Description A Cross Site Request Forgery (CSRF) issue allows remote attackers to execute arbitrary code via the add menu.php component. This enables attackers to perform unauthorized actions on behalf of a legitimate user.

Recommendations For flusity-CMS version 2.33, consider disabling access to the add menu.php component until a patch is available to prevent exploitation of the CSRF vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.