CVE-2024-49770 | oak up to 17.1.2 API Context.send path traversal

Inserito da Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability was found in oak up to 17.1.2. It has been rated as problematic. This issue affects the function Context.send of the component API. The manipulation leads to path traversal: ‘…/…//’.

The identification of this vulnerability is CVE-2024-49770. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49770 | oak up to 17.1.2 API Context.send path traversal

Post correlati

CVE-2024-0892 | Schema App Structured Data Plugin up to 2.2.0 on WordPress cross-site request forgery

CVE-2023-43816 | Delta Electronics DOPSoft up to 2.00.07.04 DPS File wKPFStringLen buffer overflow

CVE-2024-5532 | OpenText Operations Agent up to 12.26 cross site scripting

CVE-2024-46946 | langchain_experimental up to 0.3.0 sympy.sympify Privilege Escalation