2 matches found
CVE-2024-3187
This issue tracks two CWE-416 Use After Free UAF and one CWE-415 Double Free vulnerabilities in Goahead versions = 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the MEGOAHEADJAVASCRIPT flag is enabled, a remote attacker with the privileges t...
CVE-2024-3187
This issue tracks two CWE-416 Use After Free UAF and one CWE-415 Double Free vulnerabilities in Goahead versions = 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the MEGOAHEADJAVASCRIPT flag is enabled, a remote attacker with the privileges t...