CVE-2024-29023 | xibosignage xibo-cms up to 3.3.9/4.0.8 Session Search API information disclosure (GHSA-xmc6-cfq5-hg39)

Posted by Angelo Barbosa | Apr 13, 2024 | CVE

A vulnerability classified as problematic has been found in xibosignage xibo-cms up to 3.3.9/4.0.8. Affected is an unknown function of the component Session Search API. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2024-29023. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29023 | xibosignage xibo-cms up to 3.3.9/4.0.8 Session Search API information disclosure (GHSA-xmc6-cfq5-hg39)

Related Posts

CVE-2024-21170 | Oracle MySQL Server up to 8.4.0 Connector Python denial of service

CVE-2024-41258 | filestash 0.4 Host Key Verification ssh.InsecureIgnoreHostKey channel accessible

CVE-2024-27345 | Kofax Power PDF PDF File Parser out-of-bounds

CVE-2024-1970 | SourceCodester Online Learning System V2 1.0 /index.php page cross site scripting