216.73.217.176

CVE-2024-29178

· Published 18/07/2024 12:15 · Modified 18/07/2024 14:15

Labels: CVE-2024-29178 2024-07-18CVE-2024-29178CWE-94[email protected]

Essential information

Published
18/07/2024 12:15
Modified
18/07/2024 14:15
Author
Creator
CISA KEV
No
CWE

Description

On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server, The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4

NVD status

Status
Undergoing Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References