CVE-2024-3151

Name of the Vulnerable Software and Affected Versions Bdtask Multi-Store Inventory Management System up to 20240325

Description A vulnerability was found in the Bdtask Multi-Store Inventory Management System, affecting an unknown function of the file /stockmovment/stockmovment/delete/ of the component Stock Movement Page. This issue leads to cross-site request forgery and can be exploited remotely. The exploit has been disclosed to the public.

Recommendations For Bdtask Multi-Store Inventory Management System up to 20240325, consider disabling access to the /stockmovment/stockmovment/delete/ endpoint as a temporary workaround until a patch is available. Restrict access to the Stock Movement Page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.