Vulnerability Details CVE-2024-2748
A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerability affected GitHub Enterprise Server 3.12.0 and was fixed in versions 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.3%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2024-2748
-
cpe:2.3:a:github:enterprise_server:3.12.0