CVE-2024-6449 | HyperView Geoportal Toolkit up to 8.2.4 GET Request Parameter request cross-domain policy

Inserito da Angelo Barbosa | Ago 28, 2024 | CVE

A vulnerability was found in HyperView Geoportal Toolkit up to 8.2.4. It has been classified as problematic. Affected is an unknown function of the component GET Request Parameter Handler. The manipulation of the argument request leads to permissive cross-domain policy with untrusted domains.

This vulnerability is traded as CVE-2024-6449. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-6449 | HyperView Geoportal Toolkit up to 8.2.4 GET Request Parameter request cross-domain policy

Post correlati

CVE-2023-44253 | Fortinet FortiManager/FortiAnalyzer up to 6.2.12/6.4.14/7.0.11/7.2.3/7.4.1 HTTP information disclosure (FG-IR-23-268)

CVE-2022-47037 | Siklu TG Terragraph up to 2.1.0 GetCredentials random values

CVE-2023-36235 | Webkul QloApps up to 1.5.x id_order information disclosure

CVE-2024-0471 | code-projects Human Resource Integrated System 1.0 dec_service_credits.php date sql injection