CVE-2023-52334 | Steinbeis Allegra 7.5.0 Build 29 downloadAttachmentGlobal path traversal (ZDI-24-112)

Posted by Angelo Barbosa | Nov 23, 2024 | CVE

A vulnerability classified as critical was found in Steinbeis Allegra 7.5.0 Build 29. Affected by this vulnerability is the function downloadAttachmentGlobal. The manipulation leads to path traversal.

This vulnerability is known as CVE-2023-52334. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-52334 | Steinbeis Allegra 7.5.0 Build 29 downloadAttachmentGlobal path traversal (ZDI-24-112)

Related Posts

CVE-2024-11023 | Firebase JavaScript SDK up to 10.8.x Cookie _authTokenSyncURL cross site scripting

CVE-2024-30851 | codesiddhant Jasmin Ransomware 1.0.1 download_file.php path traversal

CVE-2024-25288 | SLiMS Bulian 9.6.1 pop-scope-vocabolary.php sql injection

CVE-2024-8359 | Visteon Infotainment REFLASH_DDU_FindFile command injection (ZDI-24-1191)