CVE-2024-53850 | pluginsGLPI addressing 3.0.0/3.0.1/3.0.2 IP Report externally-controlled input to select classes or code (GHSA-fw42-79gw-7qr9)

Posted by Angelo Barbosa | Dec 26, 2024 | CVE

A vulnerability has been found in pluginsGLPI addressing 3.0.0/3.0.1/3.0.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component IP Report Handler. The manipulation leads to use of externally-controlled input to select classes or code.

This vulnerability is known as CVE-2024-53850. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-53850 | pluginsGLPI addressing 3.0.0/3.0.1/3.0.2 IP Report externally-controlled input to select classes or code (GHSA-fw42-79gw-7qr9)

Related Posts

CVE-2024-28214 | NAVER nGrinder up to 3.5.8 Delay resource consumption

CVE-2024-37514 | ArtistScope CopySafe Web Protection Plugin up to 3.14 on WordPress cross site scripting

CVE-2024-52811 | ngtcp2 = 1.9.0 conn_recv_pkt buffer overflow (GHSA-4gmv-gf46-r4g5)

CVE-2024-37623 | Xinhu RockOA 2.6.3 tpl_kaoqin_locationchange.html cross site scripting