CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

Inserito da Angelo Barbosa | Ott 1, 2024 | CVE

A vulnerability was found in eLabFTW up to 5.0.x. It has been classified as critical. Affected is the function saml_team_create. The manipulation leads to incorrect privilege assignment.

This vulnerability is traded as CVE-2024-25632. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

Post correlati

CVE-2024-4535 | KKProgressbar2 Free Plugin up to 1.1.4.2 on WordPress cross-site request forgery

CVE-2023-6325 | RomethemeForm for Elementor Plugin up to 1.1.5 on WordPress export_entries/rtformnewform/rtformupdate authorization

CVE-2024-21406 | Microsoft Windows up to Server 2022 23H2 Printing Service unknown vulnerability

CVE-2024-0750 | Mozilla Firefox Popup Notification clickjacking