PT-2026-4393 · Paolo · Geodirectory

Trương Hữu Phúc

Published

2026-01-23

Updated

2026-01-28

CVE-2026-24549

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Paolo GeoDirectory versions through 2.8.147

Description A Cross-Site Request Forgery (CSRF) issue exists in Paolo GeoDirectory geodirectory, allowing attackers to perform actions on behalf of authenticated users. This can potentially lead to unauthorized actions within the application.

Recommendations Versions prior to 2.8.147 should be updated.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2026-24549

Affected Products

Geodirectory

PT-2026-4393 · Paolo · Geodirectory

CVE-2026-24549

Weakness Enumeration

Related Identifiers

Affected Products

References · 4