PT-2025-2823 · Magepeople · Magepeople Team Bus Ticket Booking With Seat Reservation

Sharanabasappa

Published

2025-01-07

Updated

2025-01-07

CVE-2024-49294

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions MagePeople Team Bus Ticket Booking with Seat Reservation versions n/a through 5.4.3

Description The issue is related to a Cross-Site Request Forgery (CSRF) problem, which allows Cross Site Request Forgery. This affects the bus ticket booking system with seat reservation functionality.

Recommendations For versions n/a through 5.4.3, update to a version later than 5.4.3 to resolve the issue. As a temporary workaround, consider implementing additional validation for requests to prevent Cross Site Request Forgery.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2024-49294

Affected Products

Magepeople Team Bus Ticket Booking With Seat Reservation

PT-2025-2823 · Magepeople · Magepeople Team Bus Ticket Booking With Seat Reservation

CVE-2024-49294

Weakness Enumeration

Related Identifiers

Affected Products

References · 5