Race Condition Vulnerability in Post Commenting Function
CVE-2024-35539

6.5MEDIUM

Key Information:

Vendor: Typecho
Status: Typecho
Vendor: CVE Published:; 19 August 2024

What is CVE-2024-35539?

Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently.

References

https://typecho.org

https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabi...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2024

CVE-2024-35539 Data

JSON