CVE-2024-0356 | Mandelo ssm_shiro_blog 1.0 Backend updateRoles access control

Inserito da Angelo Barbosa | Gen 9, 2024 | CVE

A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file updateRoles of the component Backend. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2024-0356. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

CVE-2024-0356 | Mandelo ssm_shiro_blog 1.0 Backend updateRoles access control

Post correlati

CVE-2024-23900 | Matrix Project Plugin up to 822.v01b_8c85d16d2 on Jenkins REST API path traversal

CVE-2024-1302 | Badger Meter Monitool up to 4.6.3 Log File file information disclosure

CVE-2022-40700 | PHPFreeChat Plugin on WordPress server-side request forgery

CVE-2024-38454 | ExpressionEngine up to 7.4.10 cross site scripting