3 matches found
CVE-2024-27730
Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature...
CVE-2024-27729
CVE-2024-27729 describes a Cross Site Scripting vulnerability in the Friendica 2023.12 calendar event feature, where an attacker can obtain sensitive information via the calendar event’s location parameter. The affected software is Friendica (version 2023.12) and the underlying issue is a reflect...
CVE-2024-27730
Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature...