CVE-2024-47823 | Livewire up to 3.5.1 getClientOriginalName unrestricted upload (GHSA-f3cx-396f-7jqp)

Posted by Angelo Barbosa | Oct 8, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Livewire up to 3.5.1. This issue affects the function getClientOriginalName. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-47823. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47823 | Livewire up to 3.5.1 getClientOriginalName unrestricted upload (GHSA-f3cx-396f-7jqp)

Related Posts

CVE-2024-9395 | Mozilla Firefox up to 130 on Android Filename ui layer

CVE-2024-6947 | Flute CMS 0.2.2.4-alpha Notification ContentParser.php replaceContent code injection

CVE-2024-27885 | Apple macOS up to 12.6/13.5/14.4 symlink

CVE-2024-9863 | miniOrange OTP Verification with Firebase Plugin up to 3.6.0 on WordPress Registration Privilege Escalation