CVE-2024-51156

Name of the Vulnerable Software and Affected Versions: 07FLYCMS version 1.3.9

Description: A Cross-Site Request Forgery (CSRF) issue was discovered in the component related to 'erp.07fly.net:80/admin/SysNotifyUser/del.html?id=93'. This issue allows for unauthorized requests. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations: For 07FLYCMS version 1.3.9, as a temporary workaround, consider restricting access to the vulnerable component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.