Lucene search

K
nvd[email protected]NVD:CVE-2024-31382
HistoryApr 15, 2024 - 11:15 a.m.

CVE-2024-31382

2024-04-1511:15:09
CWE-352
web.nvd.nist.gov
csrf
creative themes hq blocksy
vulnerability

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

4.6

Confidence

High

EPSS

0

Percentile

9.0%

Cross-Site Request Forgery (CSRF) vulnerability in Creative Themes HQ Blocksy.This issue affects Blocksy: from n/a through 2.0.22.

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

4.6

Confidence

High

EPSS

0

Percentile

9.0%

Related for NVD:CVE-2024-31382