{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T18:05:58.319","vulnerabilities":[{"cve":{"id":"CVE-2024-51381","sourceIdentifier":"cve@mitre.org","published":"2024-11-05T19:15:07.550","lastModified":"2025-06-24T13:20:52.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform actions reserved for administrators, including creating admin accounts. This critical flaw can lead to unauthorized activities, compromising the security and integrity of the platform, especially if an attacker gains administrative control."},{"lang":"es","value":" Vulnerabilidad de Cross-Site Request Forgery (CSRF) en JATOS v3.9.3 que permite a los atacantes realizar acciones reservadas a los administradores, incluida la creación de cuentas de administrador. Este fallo crítico puede conducir a actividades no autorizadas, lo que compromete la seguridad y la integridad de la plataforma, especialmente si un atacante obtiene el control administrativo."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.7,"impactScore":6.0}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jatos:jatos:3.9.3:*:*:*:*:*:*:*","matchCriteriaId":"F474352B-1375-447E-88D6-5ED681E1D5C4"}]}]}],"references":[{"url":"https://hacking-notes.medium.com/cve-2024-51381-jatos-v3-9-3-csrf-admin-account-creation-94035f24d0be","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}]}