Unrated severityNVD Advisory· Published Sep 4, 2024· Updated Sep 4, 2024
CVE-2024-44821
CVE-2024-44821
Description
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.