CVE-2024-30372 | Allegra Template getLinkText injection (ZDI-24-1165)

Inserito da Angelo Barbosa | Ago 23, 2024 | CVE

A vulnerability has been found in Allegra and classified as critical. This vulnerability affects the function getLinkText of the component Template Handler. The manipulation leads to injection.

This vulnerability was named CVE-2024-30372. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-30372 | Allegra Template getLinkText injection (ZDI-24-1165)

Post correlati

CVE-2024-4080 | NI LabVIEW up to 24.1 VI tdcore.dll memory corruption

CVE-2024-43900 | Linux Kernel up to 6.1.104/6.6.45/6.10.4 load_firmware_cb initialization

CVE-2024-45453 | Maintenance Redirect Plugin up to 2.0.1 on WordPress Maintenance Mode access control

CVE-2024-41468 | Tenda FH1201 1.2.0.14 /goform/exeCommand cmdinput command injection