CVE-2024-12251 | Progress Telerik UI for WinUI up to 2.x Hyperlink Element command injection

Inserito da Angelo Barbosa | Feb 12, 2025 | CVE

A vulnerability classified as critical was found in Progress Telerik UI for WinUI up to 2.x. This vulnerability affects unknown code of the component Hyperlink Element Handler. The manipulation leads to command injection.

This vulnerability was named CVE-2024-12251. Local access is required to approach this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-12251 | Progress Telerik UI for WinUI up to 2.x Hyperlink Element command injection

Post correlati

CVE-2024-13377 | GravityForms Plugin up to 2.9.1.3 on WordPress alt cross site scripting

CVE-2024-38581 | Linux Kernel up to 6.1.92/6.6.32/6.8.11 amdgpu_mes.c use after free

CVE-2024-47826 | eLabFTW up to 5.1.4 experiments.php cross site scripting (GHSA-cjww-pr9f-4c4w)

CVE-2024-37160 | Formwork up to 1.13.0/2.0.0-beta.1 /panel/options/site cross site scripting (GHSA-5pxr-7m4j-jjc6)