Unrated severityNVD Advisory· Published Mar 22, 2024· Updated Aug 12, 2024
LoadMaster Cross-Site Request Forgery (CSRF)
CVE-2024-2449
Description
A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. In such a scenario, the CSRF payload hosted on the malicious site would execute HTTP transactions on behalf of the LoadMaster administrator.
Affected products
2- Progress Software/LoadMasterv5Range: 7.2.55.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.