CVE-2024-52008 | ethyca fides up to 2.49.x API Endpoint accept-invite client-side enforcement of server-side security (GHSA-v7vm-rhmg-8j2r)

Inserito da Angelo Barbosa | Nov 27, 2024 | CVE

A vulnerability has been found in ethyca fides up to 2.49.x and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /api/v1/user/accept-invite of the component API Endpoint. The manipulation leads to client-side enforcement of server-side security.

This vulnerability is known as CVE-2024-52008. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-52008 | ethyca fides up to 2.49.x API Endpoint accept-invite client-side enforcement of server-side security (GHSA-v7vm-rhmg-8j2r)

Post correlati

CVE-2021-4433 | Karjasoft Sami HTTP Server 2.0 HTTP HEAD Rrequest denial of service (ID 163138)

CVE-2023-45117 | Projectworlds Online Examination System 1.0 update.php eid sql injection

CVE-2023-37577 | GTKWave 3.3.115 get_vartoken use after free (TALOS-2023-1806)

CVE-2024-24552 | Bludit session fixiation