CVE-2024-47823 | Livewire up to 3.5.1 getClientOriginalName unrestricted upload (GHSA-f3cx-396f-7jqp)

Inserito da Angelo Barbosa | Ott 8, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Livewire up to 3.5.1. This issue affects the function getClientOriginalName. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-47823. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47823 | Livewire up to 3.5.1 getClientOriginalName unrestricted upload (GHSA-f3cx-396f-7jqp)

Post correlati

CVE-2024-9482 | AVG/Avast Antivirus 24.1 on macOS out-of-bounds write

CVE-2024-34344 | Nuxt up to 3.12.3 NuxtTestComponentWrapper path cross site scripting (GHSA-v784-fjjh-f8r4)

CVE-2024-1345 | LaborOfficeFree 19.10 weak password

CVE-2023-48986 | CUSG Content Management System up to 7.74 users.php cross site scripting