PT-2024-27314 · Unknown · Uncanny Automator Pro

Dave Jong

Published

2024-06-21

Updated

2024-06-24

CVE-2024-37118

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Uncanny Automator Pro versions n/a through 5.3

Description The issue is a Cross Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to.

Recommendations For versions n/a through 5.3, update to a version later than 5.3 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2024-37118

Affected Products

Uncanny Automator Pro

PT-2024-27314 · Unknown · Uncanny Automator Pro

CVE-2024-37118

Weakness Enumeration

Related Identifiers

Affected Products

References · 5