CVE-2024-53505 | Siyuan 3.1.11 /getAssetContent id sql injection (Issue 13059)

Inserito da Angelo Barbosa | Nov 29, 2024 | CVE

A vulnerability classified as critical has been found in Siyuan 3.1.11. This affects an unknown part of the file /getAssetContent. The manipulation of the argument id leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-53505. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-53505 | Siyuan 3.1.11 /getAssetContent id sql injection (Issue 13059)

Post correlati

CVE-2024-27135 | Apache Pulsar up to 2.10.5/2.11.3/3.0.2/3.1.2/3.2.0 Function Worker dynamically-managed code resources

CVE-2024-4669 | Events Addon for Elementor Plugin up to 2.1.4 on WordPress Widgets cross site scripting

CVE-2024-0830 | Comments Extra Fields for Post, Pages and CPT Plugin cross-site request forgery

CVE-2024-0796 | Active Products Tables for WooCommerce Plugin up to 1.0.6.1 on WordPress cross-site request forgery