3 matches found
CVE-2024-51998
changedetection.io is a free open source web page change detection tool. The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. The...
CVE-2024-51998
creationtimestamp| type| source ---|---|--- 2024-11-07 23:38:32+00:00| seen| https://infosec.exchange/users/cve/statuses/113444304452588220 2024-11-08 02:08:16+00:00| seen| https://t.me/cvedetector/10148...
CVE-2024-51998 Path traversal using file URI scheme without supplying hostname in changedetection.io
changedetection.io is a free open source web page change detection tool. The validation for the file URI scheme falls short, and results in an attacker being able to read any file on the system. This issue only affects instances with a webdriver enabled, and ALLOWFILEURI false or not defined. The...