CVE-2024-49770 | oak up to 17.1.2 API Context.send path traversal

Inserito da Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability was found in oak up to 17.1.2. It has been rated as problematic. This issue affects the function Context.send of the component API. The manipulation leads to path traversal: ‘…/…//’.

The identification of this vulnerability is CVE-2024-49770. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49770 | oak up to 17.1.2 API Context.send path traversal

Post correlati

CVE-2024-9410 | Ada Support Ada.cx Sentry Component prior October 1/2024 Configuration server-side request forgery

CVE-2024-3027 | Smart Slider Plugin up to 3.5.1.22 on WordPress File Upload authorization

CVE-2024-2136 | WPKoi Templates for Elementor Plugin up to 2.5.6 on WordPress Advanced Heading Widget cross site scripting

CVE-2024-5332 | Exclusive Addons for Elementor Plugin up to 2.6.9.8 on WordPress Card Widget cross site scripting