CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

Posted by Angelo Barbosa | Oct 1, 2024 | CVE

A vulnerability was found in eLabFTW up to 5.0.x. It has been classified as critical. Affected is the function saml_team_create. The manipulation leads to incorrect privilege assignment.

This vulnerability is traded as CVE-2024-25632. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

Related Posts

CVE-2024-6020 | Fetch Designs Sign-up Sheets Plugin up to 2.2.12 on WordPress REQUEST_URI cross site scripting

CVE-2024-8207 | MongoDB Server up to 5.0.13/6.0.2 on Linux Library process control

CVE-2024-27567 | LBT T300-T390 2.2.1.8 HTTP POST Request config_vpn_pptp vpn_client_ip stack-based overflow

CVE-2024-40934 | Linux Kernel up to 6.9.5 logitech-dj logi_dj_recv_switch_to_dj_mode memory leak