CVE-2024-23320 | Apache DolphinScheduler up to 3.2.0 code injection

Inserito da Angelo Barbosa | Feb 23, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Apache DolphinScheduler up to 3.2.0. Affected by this issue is some unknown functionality. The manipulation leads to code injection.

This vulnerability is handled as CVE-2024-23320. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23320 | Apache DolphinScheduler up to 3.2.0 code injection

Post correlati

CVE-2024-6684 | GST Electronics inohom Nova Panel N7 up to 1.9.9.6 authentication bypass

CVE-2024-23477 | SolarWinds Access Rights Manager up to 2023.2.2 path traversal

CVE-2024-22477 | Ping Identity PingFederate up to 12.0.0 Admin Console OIDC Policy Management Editor cross site scripting

CVE-2024-21648 | XWiki xwiki-platform/xwiki-platform-oldcore Rollback Action insufficient privileges