CVE-2024-41811
CVSS V2 None
CVSS V3 None
Description
ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffected by this once `icinga-php-library` is upgraded. Version 0.10.1 includes a fix for this. It will be published as part of the `icinga-php-library` v0.14.1 release.
Overview
- CVE ID
- CVE-2024-41811
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-05T20:17:30.849Z
- Last Modified Date
- 2024-08-05T20:17:30.849Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/Icinga/ipl-web/security/advisories/GHSA-w9pg-7c3h-fc8j | x_refsource_CONFIRM |
| https://github.com/Icinga/ipl-web/commit/492336fdb57a5bb0881ed642ab36f5841337571e | x_refsource_MISC |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-41811 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41811 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-08-06 13:07:42 | Added to TrackCVE |