CVE-2024-5712
published 2024-06-28CVE-2024-5712: A Cross-Site Request Forgery (CSRF) vulnerability was identified in the stitionai/devika application, affecting the latest version. This vulnerability allows…
PriorityP434high8.1CVSS 3.0
AVNACLPRNUIRSUCNIHAH
EPSS
0.26%
17.4th percentile
A Cross-Site Request Forgery (CSRF) vulnerability was identified in the stitionai/devika application, affecting the latest version. This vulnerability allows attackers to perform unauthorized actions in the context of a victim's browser, such as deleting projects or changing application settings, without any CSRF protection implemented. Successful exploitation disrupts the integrity and availability of the application and its data.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| stitionai | devika | — | — |
| stitionai | stitionai_devika | unspecified – latest | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-06-28
Published