Lucene search
+L

4 matches found

NVD
NVD
added 2024/11/22 8:15 p.m.15 views

CVE-2024-30372

Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS0.01129EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.22 views

CVE-2024-30372 Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability

Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS9.1AI score0.01129EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.46 views

CVE-2024-30372 Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability

Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS0.01129EPSS
Exploits0References2
CVE
CVE
added 2024/11/22 8:5 p.m.60 views

CVE-2024-30372

CVE-2024-30372 affects Allegra and is a Server-Side Template Injection in the getLinkText method. The flaw arises from insufficient validation of a user-supplied string before processing it with the template engine, allowing remote code execution with the process context of LOCAL SERVICE. Authent...

8.8CVSS9.2AI score0.01129EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder