CVE-2024-39326— SkillTree CSRF Vulnerability allows an attacker to modify the Video and Captions of a Skill
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-39326
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SkillTree CSRF Vulnerability allows an attacker to modify the Video and Captions of a Skill
Source: NVD (National Vulnerability Database)
Vulnerability Description
SkillTree is a micro-learning gamification platform. Prior to version 2.12.6, the endpoint `/admin/projects/{projectname}/skills/{skillname}/video` (and probably others) is open to a cross-site request forgery (CSRF) vulnerability. Due to the endpoint being CSRFable e.g POST request, supports a content type that can be exploited (multipart file upload), makes a state change and has no CSRF mitigations in place (samesite flag, CSRF token). It is possible to perform a CSRF attack against a logged in admin account, allowing an attacker that can target a logged in admin of Skills Service to modify the videos, captions, and text of the skill. Version 2.12.6 contains a patch for this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨站请求伪造(CSRF)
Source: NVD (National Vulnerability Database)
Vulnerability Title
SkillTree 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SkillTree是National Security Agency开源的一个微型学习游戏化平台。提供开箱即用的 UI 可视化、方便的客户端集成库,以及用于管理游戏化培训配置文件的创建和管理的仪表板。 SkillTree 2.12.6之前版本存在安全漏洞,该漏洞源于存在跨站请求伪造(CSRF)漏洞,允许攻击者修改视频、字幕和文本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| NationalSecurityAgency | skills-service | < 2.12.6 | - |
II. Public POCs for CVE-2024-39326
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-39326
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: NationalSecurityAgency
- CVE-2026-35582
Emissary has an OS Command Injection via Unvalidated IN_FILE - CVE-2026-35583
Emissary has a Path Traversal via Blacklist Bypass in Config - CVE-2026-35581
Emissary has a Command Injection via PLACE_NAME Configuratio - CVE-2026-35580
Emissary has GitHub Actions Shell Injection via Workflow Inp - CVE-2026-35571
Emissary has Stored XSS via Navigation Template Link Injecti
Same weakness: CWE-352
- CVE-2021-47953
OpenCart 3.0.3.7 Cross-Site Request Forgery via account/pass - CVE-2021-47946
OpenCart 3.0.36 Account Takeover via Cross Site Request Forg - CVE-2022-50955
WordPress Plugin Curtain 1.0.2 Cross-site Request Forgery - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-42286
Emlog: Cross-Site Request Forgery in Admin Functions
V. Comments for CVE-2024-39326
No comments yet