3 matches found
CVE-2024-55076
Grocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's password...
CVE-2024-55076
creationtimestamp| type| source ---|---|--- 2025-01-06 20:39:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113783338674267105 2025-01-06 21:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf42kftlgm2e 2025-01-06 21:48:28+00:00| seen|...
CVE-2024-55076
Grocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's password. Affected product is the Grocy web application up to version 4.3.0. Root cause and impact are stated in the CVE description; the practical consequence is CSRF vulnerability enabling unauthorized p...