How severe is CVE-2024-11071?

CVE-2024-11071 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-11071

8.8HIGH

Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-

Publicado: 4/7/2025Actualizado: 4/7/2025

Descripción

Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-Site Request Forgery (CSRF) attack, which probabilistically enables JSON Hijacking (aka JavaScript Hijacking) via forgery web page.* Due to product customization, version information may differ from the following version description. For further inquiries, please contact the vendor.

Análisis IAImpulsado por IA

Referencias

https://cyberdigm.co.kr/destinyEcm