A vulnerability classified as critical has been found in XenForo up to 2.2.13. This affects an unknown part of the component ZIP Archive Handler. The manipulation leads to path traversal.
This vulnerability is uniquely identified as CVE-2024-25006. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.