CVE-2024-41603

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-41603

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41603.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-41603

Published

2024-07-19T17:15:03Z

Modified

2025-05-30T03:11:03.761517Z

Summary

[none]

Details

Spina CMS v2.18.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the URI /admin/layout.

References

https://github.com/topsky979/Security-Collections/tree/main/CVE-2024-41603

Affected packages

Git / github.com/spinacms/spina

Affected ranges

Type: GIT
Repo: https://github.com/spinacms/spina
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d76f8657f746429bf792ce60c6c12f1c26385825

Affected versions

v.*

v.2.4.0

v0.*

v0.11.0

v0.11.1

v0.12.0

v0.12.1

v0.8.0

v0.9.0

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.2.0

v2.*

v2.0.0

v2.0.0.alpha

v2.0.0.beta

v2.0.1

v2.0.2

v2.1.0

v2.1.1

v2.10.0

v2.11.0

v2.12.0

v2.13.0

v2.13.1

v2.14.0

v2.15.0

v2.15.1

v2.16.0

v2.17.0

v2.18.0

v2.2.0

v2.3.0

v2.3.1

v2.3.2

v2.3.3

v2.3.4

v2.3.5

v2.5.0

v2.6.0

v2.6.1

v2.6.2

v2.7.0

v2.8.0

v2.8.1

v2.9.0

v2.9.1