Lucene search

CVE-2024-39326 SkillTree CSRF Vulnerability allows an attacker to modify the Video and Captions of a Skill

🗓️ 02 Jul 2024 20:01:55Reported by GitHub_MType

CVE-2024-39326 SkillTree CSRF Vulnerability allows attacker to modify Skill Video

Reporter	Title	Published	Views	Family All 4
Vulnrichment	CVE-2024-39326 SkillTree CSRF Vulnerability allows an attacker to modify the Video and Captions of a Skill	2 Jul 202420:55	–	vulnrichment
OSV	CVE-2024-39326	2 Jul 202421:15	–	osv
CVE	CVE-2024-39326	2 Jul 202421:15	–	cve
NVD	CVE-2024-39326	2 Jul 202421:15	–	nvd

[
  {
    "vendor": "NationalSecurityAgency",
    "product": "skills-service",
    "versions": [
      {
        "version": "< 2.12.6",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/NationalSecurityAgency/skills-service/security/advisories/GHSA-9624-qwxr-jr4j
github	www.github.com/NationalSecurityAgency/skills-service/blob/24dd22f43306fc616e4580fb8bb88f66b5d9b41d/service/src/main/java/skills/controller/AdminController.groovy
github	www.github.com/NationalSecurityAgency/skills-service/commit/68d4235ddcb16e4f33fc7f19d14ff917817a366c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jul 2024 20:55Current

CVSS34.4

EPSS0.00069

CWE-352