CVE-2024-51382

Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 allows an attacker to reset the administrator's password. This critical security flaw can result in unauthorized access to the platform, enabling attackers to hijack admin accounts and compromise the integrity and security of the system.
Configurations

No configuration.

History

06 Nov 2024, 17:35

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de Cross-Site Request Forgery (CSRF) en JATOS v3.9.3 permite a un atacante restablecer la contraseña del administrador. Este fallo de seguridad crítica puede generar acceso no autorizado a la plataforma, lo que permite a los atacantes secuestrar cuentas de administrador y comprometer la integridad y seguridad del sistema.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.4
CWE CWE-352

05 Nov 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-05 19:15

Updated : 2024-11-06 18:17


NVD link : CVE-2024-51382

Mitre link : CVE-2024-51382

CVE.ORG link : CVE-2024-51382


JSON object : View

Products Affected

No product.

CWE
CWE-352

Cross-Site Request Forgery (CSRF)