CVE-2024-53855 | nofusscomputing centurion_erp up to 1.3.0 API Endpoint view_ticket_change improper isolation or compartmentalization (GHSA-h9q2-fcc6-r65c)

Inserito da Angelo Barbosa | Nov 27, 2024 | CVE

A vulnerability, which was classified as problematic, was found in nofusscomputing centurion_erp up to 1.3.0. This affects the function view_ticket_change of the component API Endpoint. The manipulation leads to improper isolation or compartmentalization.

This vulnerability is uniquely identified as CVE-2024-53855. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-53855 | nofusscomputing centurion_erp up to 1.3.0 API Endpoint view_ticket_change improper isolation or compartmentalization (GHSA-h9q2-fcc6-r65c)

Post correlati

CVE-2024-0524 | CXBSoft Url-shorting up to 1.3.1 index.php url sql injection

CVE-2024-10023 | code-projects Pharmacy Management System 1.0 add_new_medicine.php name/packing/generic_name/suppliers_name sql injection

CVE-2024-43962 | LWS Affiliation Plugin up to 2.3.3 on WordPress authorization

CVE-2024-0286 | PHPGurukul Hospital Management System 1.0 Contact Form index.php#contact_us Name/Email/Message cross site scripting