CVE-2024-52592 | Misskey up to 2024.11.0-alpha.2 ApInboxService.update access control (GHSA-5h8r-gq97-xv69)

Inserito da Angelo Barbosa | Dic 18, 2024 | CVE

A vulnerability was found in Misskey up to 2024.11.0-alpha.2. It has been declared as critical. Affected by this vulnerability is the function ApInboxService.update. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2024-52592. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-52592 | Misskey up to 2024.11.0-alpha.2 ApInboxService.update access control (GHSA-5h8r-gq97-xv69)

Post correlati

CVE-2024-38146 | Microsoft unknown vulnerability

CVE-2024-6431 | Media.net Ads Manager Plugin up to 2.10.13 on WordPress File Upload authorization

CVE-2024-37502 | wpweb WooCommerce Social Login Plugin up to 2.6.3 on WordPress deserialization

CVE-2024-5289 | Kadence Gutenberg Blocks with AI Plugin up to 3.2.42 on WordPress Google Maps Widget cross site scripting