CVE-2024-7840 | Progress Telerik Reporting up to 18.2.24.806 Hyperlink command injection

Posted by Angelo Barbosa | Oct 9, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Progress Telerik Reporting up to 18.2.24.806. Affected by this issue is some unknown functionality of the component Hyperlink Handler. The manipulation leads to command injection.

This vulnerability is handled as CVE-2024-7840. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-7840 | Progress Telerik Reporting up to 18.2.24.806 Hyperlink command injection

Related Posts

CVE-2024-35684 | 10up ElasticPress Plugin up to 5.1.0 on WordPress cross-site request forgery

CVE-2024-5801 | B&R Industrial Automation Automation Runtime up to 6.0.1 insecure default initialization of resource

CVE-2023-49770 | Peter Raschendorfer Smart External Link Click Monitor Plugin up to 5.0.2 on WordPress cross site scripting

CVE-2024-5224 | Easy Social Like Box Plugin up to 4.0 on WordPress Shortcode cross site scripting