CVE-2024-6441 | ORIPA up to 1.72 LoaderXML.java deserialization (Issue 355)

Posted by Angelo Barbosa | Jul 2, 2024 | CVE

A vulnerability was found in ORIPA up to 1.72. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file src/main/java/oripa/persistence/doc/loader/LoaderXML.java. The manipulation leads to deserialization.

This vulnerability is known as CVE-2024-6441. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6441 | ORIPA up to 1.72 LoaderXML.java deserialization (Issue 355)

Related Posts

CVE-2023-51451 | getsentry symbolicator up to 21.12.0 server-side request forgery (GHSA-ghg9-7m82-h96r)

CVE-2024-10287 | LocalServer 1.0.9 /mlss/ForgotPassword ListName cross site scripting

CVE-2023-50205 | D-Link G416 awsfile command injection (ZDI-23-1821)

CVE-2024-32343 | Boid CMS 2.1.0 Content cross site scripting