CVE-2024-21544 | spatie browsershot up to 5.0.0 URL Validation setUrl file inclusion (SNYK-PHP-SPATIEBROWSERSHOT-8496745)

Posted by Angelo Barbosa | Dec 13, 2024 | CVE

A vulnerability, which was classified as problematic, was found in spatie browsershot up to 5.0.0. This affects the function setUrl of the component URL Validation Handler. The manipulation leads to file inclusion.

This vulnerability is uniquely identified as CVE-2024-21544. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21544 | spatie browsershot up to 5.0.0 URL Validation setUrl file inclusion (SNYK-PHP-SPATIEBROWSERSHOT-8496745)

Related Posts

CVE-2023-35659 | Google Android devicemem_server.c DevmemIntChangeSparse behavioral workflow

CVE-2024-37535 | GNOME VTE up to 0.76.2 Window Resize Escape Sequence memory allocation (Issue 2786)

CVE-2024-11329 | Comfino Payment Gateway Plugin up to 4.1.1 on WordPress cross site scripting

CVE-2024-0352 | Likeshop up to 2.5.7.20210311 HTTP POST Request File.php userFormImage file unrestricted upload