CVE-2024-23649 | Lemmy up to 0.19.0 API report improper authorization (GHSA-r64r-5h43-26qv)

Posted by Angelo Barbosa | Jan 24, 2024 | CVE

A vulnerability classified as critical was found in Lemmy up to 0.19.0. This vulnerability affects unknown code of the file /api/v3/private_message/report of the component API. The manipulation leads to improper authorization.

This vulnerability was named CVE-2024-23649. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23649 | Lemmy up to 0.19.0 API report improper authorization (GHSA-r64r-5h43-26qv)

Related Posts

CVE-2024-2960 | SVS Pricing Tables Plugin up to 1.0.4 on WordPress Pricing Table Deletion cross-site request forgery

CVE-2024-2651 | GitLab Community Edition/Enterprise Edition up to 16.9.6/16.10.4/16.11.1 Markdown resource consumption (Issue 450830)

CVE-2024-32726 | vinoth06 Frontend Dashboard Plugin up to 2.2.2 on WordPress information disclosure

CVE-2024-26266 | Liferay Portal/DXP first name/middle name/last name cross site scripting