CVE-2024-52294 | khoj up to 1.29.9 /api/subscription update_subscription email authorization

Inserito da Angelo Barbosa | Dic 30, 2024 | CVE

A vulnerability classified as problematic was found in khoj up to 1.29.9. This vulnerability affects the function update_subscription of the file /api/subscription. The manipulation of the argument email leads to authorization bypass.

This vulnerability was named CVE-2024-52294. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-52294 | khoj up to 1.29.9 /api/subscription update_subscription email authorization

Post correlati

CVE-2024-39701 | Directus up to 10.5.x _in/_nin access control (GHSA-hxgm-ghmv-xjjm)

CVE-2024-21749 | Atakan Au 1 click disable all Plugin up to 1.0.1 on WordPress cross-site request forgery

CVE-2024-9874 | Poll Maker Plugin up to 5.4.6 on WordPress sql injection

CVE-2023-33472 | Scada-LTS up to 2.7.5.2 Privilege Escalation