CVE-2024-42054

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-42054
Cervantes through 0.5-alpha accepts insecure file uploads.
CVSS

No CVSS.

References
Link Resource
https://github.com/CervantesSec/cervantes/commit/78631a034d0fb3323a53fb7428b2022b29a0d2cd
https://www.getastra.com/blog/vulnerability/xss-insecure-file-cervantes/
https://www.jinsonvarghese.com/stored-xss-file-upload-vulnerabilities-found-in-cervantes/
Configurations

No configuration.

History

29 Jul 2024, 14:12

Type Values Removed Values Added
Summary
  • (es) Cervantes hasta 0.5-alpha acepta cargas de archivos no seguras.
Information

Published : 2024-07-28 04:15

Updated : 2024-07-29 14:12

NVD link : CVE-2024-42054

Mitre link : CVE-2024-42054

CVE.ORG link : CVE-2024-42054

JSON object : View

Products Affected

No product.

CWE

No CWE.