CVE-2024-28435 | Twenty 0.3.0 File Upload server-side request forgery

Inserito da Angelo Barbosa | Mar 25, 2024 | CVE

A vulnerability was found in Twenty 0.3.0 and classified as critical. This issue affects some unknown processing of the component File Upload. The manipulation leads to server-side request forgery.

The identification of this vulnerability is CVE-2024-28435. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-28435 | Twenty 0.3.0 File Upload server-side request forgery

Post correlati

CVE-2024-30037 | Microsoft Windows up to Server 2022 23H2 Common Log File System Driver out-of-bounds

CVE-2024-4287 | mintplex-labs anything-llm HTTP POST Request update input validation

CVE-2024-7506 | itsourcecode Tailoring Management System 1.0 /setlogo.php bgimg unrestricted upload

CVE-2023-6845 | CommentTweets Plugin up to 0.6 on WordPress cross-site request forgery