CVE-2024-22212 | NextCloud Global Site Selector up to 1.4.0/2.1.1/2.3.3/2.4.4 authentication bypass (GHSA-vj5q-f63m-wp77)

Inserito da Angelo Barbosa | Gen 18, 2024 | CVE

A vulnerability classified as critical has been found in NextCloud Global Site Selector up to 1.4.0/2.1.1/2.3.3/2.4.4. This affects an unknown part of the component Global Site Selector. The manipulation leads to authentication bypass using alternate channel.

This vulnerability is uniquely identified as CVE-2024-22212. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22212 | NextCloud Global Site Selector up to 1.4.0/2.1.1/2.3.3/2.4.4 authentication bypass (GHSA-vj5q-f63m-wp77)

Post correlati

CVE-2023-49508 | YetiForceCompany YetiForceCRM up to 6.4.0 LibraryLicense.php license path traversal

CVE-2023-47150 | IBM Common Cryptographic Architecture up to 7.5.36 AES resource consumption (XFDB-270602)

CVE-2024-1338 | ImageRecycle PDF & Image Compression Plugin up to 3.1.13 on WordPress Setting stopOptimizeAll cross-site request forgery

CVE-2023-51766 | Exim up to 4.97 E-Mail Message protection mechanism