CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-5712

A Cross-Site Request Forgery (CSRF) vulnerability was identified in the stitionai/devika application, affecting the latest version. This vulnerability allows attackers to perform unauthorized actions in the context of a victim's browser, such as deleting projects or changing application settings, without any CSRF protection implemented. Successful exploitation disrupts the integrity and availability of the application and its data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.0%

CVSS Severity

CVSS v3 Score 8.1

References

https://huntr.com/bounties/301aeafb-af28-4b0b-a2cf-9a2ff1da1ef4
https://huntr.com/bounties/301aeafb-af28-4b0b-a2cf-9a2ff1da1ef4

Products affected by CVE-2024-5712

Stitionai » Devika » Version: 1.0

cpe:2.3:a:stitionai:devika:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5712

Products

Pricing

Contact Us