Description

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.

Remediation

References

CVE-2024-34009

Related Vulnerabilities

Apache Tomcat CVE-2016-8735 Vulnerability (CVE-2016-8735)

MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2102)

WordPress 4.1.x Cross-Site Request Forgery (4.1 - 4.1.25)

WordPress Plugin BuddyPress Extended Friendship Request Cross-Site Scripting (1.0.1)

MySQL CVE-2018-2810 Vulnerability (CVE-2018-2810)

Severity

High

Classification

CVE-2024-34009 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities