CVE-2024-22281 | Apache Helix Front express-session hard-coded password

Posted by Angelo Barbosa | Aug 20, 2024 | CVE

A vulnerability was found in Apache Helix Front and classified as problematic. Affected by this issue is some unknown functionality of the component express-session. The manipulation leads to use of hard-coded password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is handled as CVE-2024-22281. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-22281 | Apache Helix Front express-session hard-coded password

Related Posts

CVE-2024-5798 | HashiCorp Vault/Vault Enterprise JSON Web Token improper authorization

CVE-2023-48286 | Accept Stripe Payments Plugin up to 2.0.79 on WordPress resource injection

CVE-2024-37569 | Mitel 6869i up to 4.5.0.41/5.0.0.1018 provis.html hostname os command injection

CVE-2024-5729 | Simple AL Slider Plugin up to 1.2.10 on WordPress cross site scripting