CVE-2024-25623 | Mastodon up to 3.5.18/4.0.14/4.1.14/4.2.6 HTTP Header Content-Type unrestricted upload

Inserito da Angelo Barbosa | Feb 19, 2024 | CVE

A vulnerability classified as critical has been found in Mastodon up to 3.5.18/4.0.14/4.1.14/4.2.6. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument Content-Type leads to unrestricted upload.

This vulnerability is traded as CVE-2024-25623. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25623 | Mastodon up to 3.5.18/4.0.14/4.1.14/4.2.6 HTTP Header Content-Type unrestricted upload

Post correlati

CVE-2024-40892 | Firewalla Box Software up to 1.978 BLE weak credentials

CVE-2023-6226 | WP Shortcodes Plugin up to 5.13.3 on WordPress resource injection

CVE-2023-37926 | Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN CLI Command buffer overflow

CVE-2024-36450 | Webmin up to 1.900 sysinfo.cgi cross site scripting