CVE-2024-49621

Name of the Vulnerable Software and Affected Versions APA Register Newsletter Form versions n/a through 1.0.0

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows SQL Injection in the APA Register Newsletter Form. This means an attacker can trick a user into performing unintended actions on the web application, potentially leading to the execution of malicious SQL code.

Recommendations For versions n/a through 1.0.0, consider disabling the form submission functionality until a patch is available to prevent SQL Injection via CSRF. As a temporary workaround, restrict access to the APA Register Newsletter Form to minimize the risk of exploitation. Avoid using the APA Register Newsletter Form until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.