CVE-2024-51037

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-51037
CWE	https://cwe.mitre.org/data/definitions/346.html

An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function.

Weakness

The product does not properly verify that the source of data or communication is valid.

https://cwe.mitre.org/data/definitions/111.html
https://cwe.mitre.org/data/definitions/141.html
https://cwe.mitre.org/data/definitions/142.html
https://cwe.mitre.org/data/definitions/160.html
https://cwe.mitre.org/data/definitions/21.html
https://cwe.mitre.org/data/definitions/384.html
https://cwe.mitre.org/data/definitions/385.html
https://cwe.mitre.org/data/definitions/386.html
https://cwe.mitre.org/data/definitions/387.html
https://cwe.mitre.org/data/definitions/388.html
https://cwe.mitre.org/data/definitions/510.html
https://cwe.mitre.org/data/definitions/59.html
https://cwe.mitre.org/data/definitions/60.html
https://cwe.mitre.org/data/definitions/75.html
https://cwe.mitre.org/data/definitions/76.html
https://cwe.mitre.org/data/definitions/89.html

References

http://kodbox.com
https://github.com/kalcaddle/kodbox
https://www.tommonkey.cn/2024/11/13/CVE-2024-51037-Disclosed/

Origin Validation Error

Weakness

Related Attack Patterns

References