Cross-Site Request Forgery Vulnerability in DedeCMS by Dede
CVE-2024-28669

Currently unrated

Key Information:

Vendor: Dede
Status: DedeCMS
Vendor: CVE Published:; 13 March 2024

What is CVE-2024-28669?

DedeCMS v5.7 has been identified to have a Cross-Site Request Forgery (CSRF) vulnerability that exposes users to unauthorized actions through malicious requests sent to the application. This issue arises from improper verification of user requests, specifically through the endpoint /dede/freelist_edit.php. Attackers could exploit this vulnerability to execute unintended operations on behalf of authenticated users, potentially compromising the integrity of the web application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/777erp/cms/blob/main/10.md

Timeline

Vulnerability published
Mar 13, 2024
Vulnerability Reserved
Mar 8, 2024

JSON

Dede

What is CVE-2024-28669?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.