How severe is CVE-2024-53829?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.2 out of 10.

What type of vulnerability is CVE-2024-53829?

This is classified as CWE-352, which is a common weakness in software security.

CVE-2024-53829 - HIGH Severity | CVSS 8.2

Vulnerability Description

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Cross-site request forgery allows an unauthenticated attacker to hijack the authentication of a logged in user, and use the web API with the same permissions, including but not limited to adding, removing or editing products. The attacker needs to know the ID of the available products to modify or delete them. The attacker cannot directly exfiltrate data (view) from CodeChecker, due to being limited to form-based CSRF. This issue affects CodeChecker: through 6.24.4.

Related Vulnerabilities

CVE-2024-29026

HIGH

CVSS:8.2(High)

Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin requ...

CWE-3522024

CVE-2024-52451

HIGH

CVSS:8.2(High)

Cross-Site Request Forgery (CSRF) vulnerability in Aaron Robbins Post Ideas allows SQL Injection.This issue affects Post Ideas: from n/a through 2.

CWE-3522024

CVE-2024-53793

HIGH

CVSS:8.2(High)

Cross-Site Request Forgery (CSRF) vulnerability in eDoc Intelligence LLC eDoc Easy Tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through 1.29.

CWE-3522024

CVE-2025-22347

HIGH

CVSS:8.2(High)

Cross-Site Request Forgery (CSRF) vulnerability in BannerSky.com BSK Forms Blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through 3.9.

CWE-3522025

CVE-2025-24897

HIGH

CVSS:8.2(High)

Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to a lack of CSRF protection and the lack of proper security attribu...

CWE-3522025

CVE-2025-30783

HIGH

CVSS:8.2(High)

Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33 WP Google Review Slider allows SQL Injection. This issue affects WP Google Review Slider: from n/a through 16.0.

CWE-3522025