CVE-2024-2826 | lakernote EasyAdmin up to 20240315 saveReportFile xml external entity reference (I98ZTA)

Inserito da Angelo Barbosa | Mar 22, 2024 | CVE

A vulnerability classified as problematic was found in lakernote EasyAdmin up to 20240315. This vulnerability affects unknown code of the file /ureport/designer/saveReportFile. The manipulation leads to xml external entity reference.

This vulnerability was named CVE-2024-2826. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-2826 | lakernote EasyAdmin up to 20240315 saveReportFile xml external entity reference (I98ZTA)

Post correlati

CVE-2024-3082 | Plug&Track Sensor Net Connect V2 2.24 credentials storage

CVE-2023-26211 | Fortinet FortiSOAR up to 6.4.1/6.4.4/7.0.3/7.2.2/7.3.2 Communications Module cross site scripting (FG-IR-23-088)

CVE-2023-40112 | Google Android 11 ipp.c ippSetValueTag information disclosure

CVE-2024-25006 | XenForo up to 2.2.13 ZIP Archive path traversal