CVE-2024-52592 | Misskey up to 2024.11.0-alpha.2 ApInboxService.update access control (GHSA-5h8r-gq97-xv69)

Posted by Angelo Barbosa | Dec 18, 2024 | CVE

A vulnerability was found in Misskey up to 2024.11.0-alpha.2. It has been declared as critical. Affected by this vulnerability is the function ApInboxService.update. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2024-52592. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-52592 | Misskey up to 2024.11.0-alpha.2 ApInboxService.update access control (GHSA-5h8r-gq97-xv69)

Related Posts

CVE-2024-2848 | Responsive Plugin up to 5.0.2 on WordPress cross site scripting

CVE-2023-52527 | Linux Kernel up to 6.5.6 net/ipv6/ip6_output.c _append_data buffer overflow

CVE-2023-48909 | Jave2 3.3.1 FFmpeg Privilege Escalation

CVE-2024-37549 | Pdfcrowd Save as PDF Plugin up to 4.0.0 on WordPress cross site scripting