CVE-2024-49760 | OpenRefine up to 3.8.2 translations-$LANG.json LANG path traversal (GHSA-qfwq-6jh6-8xx4)

Inserito da Angelo Barbosa | Ott 25, 2024 | CVE

A vulnerability was found in OpenRefine up to 3.8.2. It has been declared as critical. This vulnerability affects unknown code of the file translations-$LANG.json. The manipulation of the argument LANG leads to path traversal.

This vulnerability was named CVE-2024-49760. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49760 | OpenRefine up to 3.8.2 translations-$LANG.json LANG path traversal (GHSA-qfwq-6jh6-8xx4)

Post correlati

CVE-2024-30925 | jeffpiazza DerbyNet 9.0 photo-thumbs.php racerid/back cross site scripting

CVE-2024-1148 | OpenText PVCS Version Manager prior 8.6.3.3 improper authentication

CVE-2024-35693 | Code for Recovery 12 Step Meeting List Plugin up to 3.14.33 on WordPress cross site scripting

CVE-2024-25742 | Linux Kernel up to 6.8 on AMD Virtual Interrupt injection