CVE-2024-1099 | Rebuild up to 3.5.5 /filex/read-raw getFileOfData url cross site scripting

Inserito da Angelo Barbosa | Gen 31, 2024 | CVE

A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected is the function getFileOfData of the file /filex/read-raw. The manipulation of the argument url leads to cross site scripting.

This vulnerability is traded as CVE-2024-1099. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-1099 | Rebuild up to 3.5.5 /filex/read-raw getFileOfData url cross site scripting

Post correlati

CVE-2024-44946 | Linux Kernel up to 6.1.106/6.6.47/6.10.6 include/linux/skbuff.h kcm_release use after free

CVE-2024-23107 | Fortinet FortiWeb up to 6.3.23/7.0.8/7.2.4/7.4.0 CLI information disclosure (FG-IR-23-191)

CVE-2024-5471 | Zoho ManageEngine DDI Central up to 4001 Agent hard-coded credentials

CVE-2024-5354 | anji-plus AJ-Report up to 1.4.1 detailByCode shareToken information disclosure