CVE-2024-28435 | Twenty 0.3.0 File Upload server-side request forgery

Inserito da Angelo Barbosa | Mar 25, 2024 | CVE

A vulnerability was found in Twenty 0.3.0 and classified as critical. This issue affects some unknown processing of the component File Upload. The manipulation leads to server-side request forgery.

The identification of this vulnerability is CVE-2024-28435. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-28435 | Twenty 0.3.0 File Upload server-side request forgery

Post correlati

CVE-2024-22432 | Dell NetWorker Module for Databases and Applications up to 19.9.0.3 Database Backup credentials storage (dsa-2024-059)

CVE-2024-25602 | Liferay Portal/DXP Users Admin Module Name cross site scripting

CVE-2024-5260 | Sina Extension for Elementor Plugin up to 3.5.5 on WordPress read_more_text cross site scripting

CVE-2024-28125 | unclebob FitNesse os command injection