A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerability affected GitHub Enterprise Server 3.12.0 and was fixed in versions 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program.
Metrics
Affected Vendors & Products
References
History
Tue, 02 Sep 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:github:enterprise_server:3.12.0:*:*:*:*:*:*:* |

Status: PUBLISHED
Assigner: GitHub_P
Published:
Updated: 2024-08-02T19:20:10.085Z
Reserved: 2024-03-20T17:04:53.810Z
Link: CVE-2024-2748

Updated: 2024-08-02T19:20:06.694Z

Status : Analyzed
Published: 2024-03-21T00:15:09.710
Modified: 2025-09-02T14:07:47.320
Link: CVE-2024-2748

No data.

Updated: 2025-07-12T15:42:37Z