CVE-2024-56903

Description

Geovision GV-ASWeb with the version 6.1.1.0 or less allows attackers to modify POST request method with the GET against critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack.

PUBLISHED Reserved 2025-01-09 | Published 2025-02-03 | Updated 2025-03-04 | Assigner mitre

References

github.com/DRAGOWN/CVE-2024-56903

cve.org (CVE-2024-56903)

nvd.nist.gov (CVE-2024-56903)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.