Lucene search

CVE-2024-41802

🗓️ 30 Jul 2024 16:04:15Reported by GitHub_MType

Xibo CMS SQL injection in DataSets filtering API, upgrade to 3.3.12 or 4.0.1

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
OSV	CVE-2024-41802	30 Jul 202416:15	–	osv
Cvelist	CVE-2024-41802 Xibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Data Import	30 Jul 202415:49	–	cvelist
Vulnrichment	CVE-2024-41802 Xibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Data Import	30 Jul 202415:49	–	vulnrichment
NVD	CVE-2024-41802	30 Jul 202416:15	–	nvd

Nvd

Vulners

Vulnrichment

Node

xibosignage xiboRange2.1.0–3.3.12

xibosignage xiboRange4.0.0–4.0.14

[
  {
    "vendor": "xibosignage",
    "product": "xibo-cms",
    "versions": [
      {
        "version": "=> 1.8.0, < 3.3.12",
        "status": "affected"
      },
      {
        "version": "=> 4.0.0-alpha, < 4.0.14",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/xibosignage/xibo-cms/commit/b7a5899338cd841a39702e3fcaff76aa0ffe4075
xibosignage	www.xibosignage.com/blog/security-advisory-2024-07
github	www.github.com/xibosignage/xibo-cms/security/advisories/GHSA-x4qm-vvhp-g7c2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Jul 2024 16:15Current

8.3High risk

Vulners AI Score8.3

CVSS38.1

EPSS0.0024

SSVC

CWE-89