CVE-2024-3448

Name of the Vulnerable Software and Affected Versions No specific software name or versions are mentioned in the provided descriptions.

Description The issue allows users with low privileges to perform certain AJAX actions, leading to improper access to "ajax?action=plugin:focus:checkIframeAvailability". This results in a Server-Side Request Forgery, enabling an attacker to perform a port scan in the back-end by analyzing error messages returned from the back-end.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.