CVE-2024-2820

A vulnerability classified as problematic was found in DedeCMS 5.7. Affected by this vulnerability is an unknown functionality of the file /src/dede/baidunews.php. The manipulation of the argument filename leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257707. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

No configuration.

History

No history.

Information

Published : 2024-03-22 16:15

Updated : 2024-05-17 02:38


NVD link : CVE-2024-2820

Mitre link : CVE-2024-2820

CVE.ORG link : CVE-2024-2820


JSON object : View

Products Affected

No product.

CWE
CWE-352

Cross-Site Request Forgery (CSRF)