CVE-2024-55076 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Grocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's password.
High CVSS: 8.1

CVE-2024-55076

Grocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's password.
Vendor
Grocy Project
Product
Grocy
CWE
CWE-352
Yayın Tarihi
2025-01-06 21:15:15
Güncelleme
2025-09-05 14:07:09
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-352 Grocy HIGH Grocy Project 2025

Referanslar

https://m10x.de/posts/2024/11/all-your-recipe-are-belong-to-us-part-1/3-stored-xss-csrf-and-broken-access-control-vulnerabilities-in-grocy/ https://m10x.de/posts/2024/11/all-your-recipe-are-belong-to-us-part-1/3-stored-xss-csrf-and-broken-access-control-vulnerabilities-in-grocy/