CVE-2024-42054
5.4MEDIUMCervantes through 0.5-alpha accepts insecure file uploads.
Опубликовано: 7/28/2024Обновлено: 11/21/2024
Описание
Cervantes through 0.5-alpha accepts insecure file uploads.
ИИ-АнализНа базе ИИ
Затронутые продукты
cervantesseccervantes
0.3
cervantesseccervantes
0.4
cervantesseccervantes
0.5
Ссылки
- https://github.com/CervantesSec/cervantes/commit/78631a034d0fb3323a53fb7428b2022b29a0d2cdPatch
- https://www.getastra.com/blog/vulnerability/xss-insecure-file-cervantes/Third Party Advisory
- https://www.jinsonvarghese.com/stored-xss-file-upload-vulnerabilities-found-in-cervantes/Third Party Advisory
- https://github.com/CervantesSec/cervantes/commit/78631a034d0fb3323a53fb7428b2022b29a0d2cdPatch
- https://www.getastra.com/blog/vulnerability/xss-insecure-file-cervantes/Third Party Advisory
- https://www.jinsonvarghese.com/stored-xss-file-upload-vulnerabilities-found-in-cervantes/Third Party Advisory