CVE-2024-39623

Name of the Vulnerable Software and Affected Versions: CridioStudio ListingPro versions n/a through 2.9.4

Description: A Cross-Site Request Forgery (CSRF) issue allows authentication bypass. This means an attacker can perform actions on behalf of a user without their knowledge or consent. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations: For versions n/a through 2.9.4, update to a version later than 2.9.4 to resolve the issue. As a temporary workaround, consider implementing additional authentication measures to minimize the risk of exploitation. Restrict access to sensitive functionality to minimize the risk of authentication bypass.