Lucene search
HistoryAug 26, 2024 - 9:15 p.m.
CVE-2024-43287
cve-2024-43287
csrf
brevo newsletter
sendinblue
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
24.8%
Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82.
Affected configurations
Node
sendinbluenewsletter\,_smtp\,_email_marketing_and_subscribeRange<3.1.83wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sendinblue | newsletter\,_smtp\,_email_marketing_and_subscribe | * | cpe:2.3:a:sendinblue:newsletter\,_smtp\,_email_marketing_and_subscribe:*:*:*:*:*:wordpress:*:* |
Related
vulnrichment
vulnrichment
cvelist
cvelist
cve
cve
CVE-2024-43287
2024-08-26 21:15:27
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
24.8%
Related for NVD:CVE-2024-43287