CVE-2024-28429

CVSS v3.1

5.5

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7

Description A Cross-Site Request Forgery (CSRF) issue was found in the "/dede/archives do.php" component. This allows an attacker to perform unintended actions on a user's behalf.

Recommendations For DedeCMS version 5.7, update to a version that includes a fix for this issue, as no specific mitigation measures are provided for this version.

Exploit

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2024-28429

Affected Products

Dedecms

CVE-2024-28429

Weakness Enumeration

Related Identifiers

Affected Products

References · 6