CVE-2024-7314 | anji-plus AJ-Report up to 1.4.0 HTTP Request /swagger-ui insufficient permissions or privileges

Inserito da Angelo Barbosa | Ago 2, 2024 | CVE

A vulnerability, which was classified as very critical, was found in anji-plus AJ-Report up to 1.4.0. Affected is an unknown function of the component HTTP Request Handler. The manipulation of the argument /swagger-ui leads to improper handling of insufficient permissions or privileges.

This vulnerability is traded as CVE-2024-7314. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-7314 | anji-plus AJ-Report up to 1.4.0 HTTP Request /swagger-ui insufficient permissions or privileges

Post correlati

CVE-2024-2231 | Himer Plugin up to 2.1.0 on WordPress Private Group authorization

CVE-2024-40094 | GraphQL Java up to 19.10/20.8/21.4 ExecutableNormalizedFields denial of service

CVE-2023-37577 | GTKWave 3.3.115 get_vartoken use after free (TALOS-2023-1806)

CVE-2023-46455 | GL.iNet GL-AR300M up to 4.3.7 OpenVPN Client File Upload path traversal