A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerability affected GitHub Enterprise Server 3.12.0 and was fixed in versions 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program. 
History

Tue, 02 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:github:enterprise_server:3.12.0:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_P

Published:

Updated: 2024-08-02T19:20:10.085Z

Reserved: 2024-03-20T17:04:53.810Z

Link: CVE-2024-2748

cve-icon Vulnrichment

Updated: 2024-08-02T19:20:06.694Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-21T00:15:09.710

Modified: 2025-09-02T14:07:47.320

Link: CVE-2024-2748

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-12T15:42:37Z