CVE-2024-38453 | SalesForce Avalara for Salesforce CPQ App up to 6.x API Key information disclosure

Inserito da Angelo Barbosa | Lug 3, 2024 | CVE

A vulnerability classified as problematic was found in SalesForce Avalara for Salesforce CPQ App up to 6.x. This vulnerability affects unknown code of the component API Key Handler. The manipulation leads to information disclosure.

This vulnerability was named CVE-2024-38453. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38453 | SalesForce Avalara for Salesforce CPQ App up to 6.x API Key information disclosure

Post correlati

CVE-2024-38770 | Revmakx Backup and Staging WP Time Capsule Plugin up to 1.22.20 on WordPress privileges management

CVE-2024-21752 | Ernest Marcinko Ajax Search Lite Plugin up to 4.11.4 on WordPress cross-site request forgery

CVE-2024-33050 | Qualcomm Snapdragon Auto up to SSG2115P MBSSID Parser buffer over-read

CVE-2023-35631 | Microsoft Windows 11 21H2/11 22H2/11 23H2/Server 2022 23H2 Win32k Local Privilege Escalation