04 Sep 2024

CVE-2024-44821

5.3 Medium Severity

ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages.

suggest your own:

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Apps (0)
Operating Systems (0)

xtranslations

xdetection

xremediation

Comments (0)
Comments (0)