Lucene search
K

4 matches found

NVD
NVD
added 2024/01/29 10:15 a.m.20 views

CVE-2024-23792

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affec...

6.5CVSS5.8AI score0.00345EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/01/29 10:15 a.m.33 views

CVE-2024-23792

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affec...

6.5CVSS6.6AI score0.00345EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/29 9:20 a.m.18 views

CVE-2024-23792 Insufficient access control

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affec...

5.3CVSS6.9AI score0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/29 9:20 a.m.32 views

CVE-2024-23792 Insufficient access control

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affec...

5.3CVSS6.6AI score0.00345EPSS
Exploits0References1
Rows per page
Query Builder