CVE-2024-51382

Name of the Vulnerable Software and Affected Versions JATOS version 3.9.3

Description A Cross-Site Request Forgery (CSRF) issue allows an attacker to reset the administrator's password, resulting in unauthorized access to the platform. This can enable attackers to hijack admin accounts and compromise the system's integrity and security.

Recommendations For JATOS version 3.9.3, as a temporary workaround, consider restricting access to the password reset functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.