CVE-2024-49770 | oak up to 17.1.2 API Context.send path traversal

Posted by Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability was found in oak up to 17.1.2. It has been rated as problematic. This issue affects the function Context.send of the component API. The manipulation leads to path traversal: ‘…/…//’.

The identification of this vulnerability is CVE-2024-49770. The attack may be initiated remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49770 | oak up to 17.1.2 API Context.send path traversal

Related Posts

CVE-2024-4363 | Visual Portfolio, Photo Gallery & Post Grid Plugin cross site scripting

CVE-2024-47635 | TinyPNG Plugin up to 3.4.3 on WordPress cross-site request forgery

CVE-2024-0525 | CXBSoft Url-shorting up to 1.3.1 HTTP POST Request /pages/long_s_short.php longurl sql injection

CVE-2024-37505 | Rara Themes Business One Page Plugin up to 1.2.9 on WordPress authorization