The vulnerability CVE-2024-53793 affects jerodmoore eDoc Easy Tables up to version 1.29. It is a Cross-Site Request Forgery (CSRF) vulnerability that facilitates Blind SQL Injection attacks. This means that an attacker can trick an authenticated user into submitting a request that executes unauthorized SQL commands on the backend database without direct user interaction. The CVSS 3.1 vector indicates the attack can be performed remotely over the network with low attack complexity and no privileges required, but requires user interaction. The impact includes high confidentiality loss and low availability impact, with a scope change. No patch or vendor advisory is currently available.

Successful exploitation of this vulnerability can lead to unauthorized disclosure of sensitive data through Blind SQL Injection. The attacker can manipulate database queries indirectly by exploiting the CSRF flaw, potentially compromising data confidentiality. The availability impact is low, and integrity impact is not indicated. There are no known active exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider implementing CSRF protections such as anti-CSRF tokens and restricting database query permissions to mitigate potential exploitation. Monitor vendor channels for updates and apply patches promptly once available.