CVE-2024-23830 | MantisBT up to 2.26.0 Notification Message config_inc.php injection (GHSA-mcqj-7p29-9528)

Inserito da Angelo Barbosa | Feb 21, 2024 | CVE

A vulnerability classified as critical was found in MantisBT up to 2.26.0. Affected by this vulnerability is an unknown functionality of the file config_inc.php of the component Notification Message Handler. The manipulation leads to injection.

This vulnerability is known as CVE-2024-23830. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23830 | MantisBT up to 2.26.0 Notification Message config_inc.php injection (GHSA-mcqj-7p29-9528)

Post correlati

CVE-2024-44730 | MiroTalk Chat Message handleDataChannelChat access control (c21d58)

CVE-2024-3571 | langchain-ai langchain up to 0.0.352 LocalFileStore path traversal

CVE-2023-7242 | CISA Ethercat Zeek Plugin Packet Analyzer out-of-bounds (icsa-24-051-02)

CVE-2023-7048 | My Sticky Bar Plugin up to 2.6.6 on WordPress cross-site request forgery