8 matches found
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-24978
TvRock 0.9t8a has a DoS vulnerability that can trigger an ABEND via a specially crafted request, with exploitation possible by remote attackers or by users clicking the crafted request. The developer is unreachable, and multiple sources advise stopping use of TvRock 0.9t8a. No public patch or mit...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-23597
CVE-2024-23597 describes a cross-site request forgery (CSRF) in TvRock 0.9t8a. When a logged‑in user visits a crafted page, unintended operations may be performed. The issue is attributed to TvRock’s lack of reachable mitigation, prompting multiple sources to recommend stopping use of version 0.9...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-26018
Cross-site scripting vulnerability exists in TvRock 0.9t8a. An arbitrary script may be executed on the web browser of the user accessing the website that uses the product. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-26018
TvRock is affected by a cross-site scripting vulnerability (CWE-79) in version 0.9t8a. The issue allows arbitrary script execution in the browser of users visiting a site that uses TvRock, with the root cause noted as the developer being unreachable. Multiple sources (NVD, Red Hat, JVN, PtSecurit...