Tafnit Security Vulnerabilities - November

CVE-2024-38429

Matrix Tafnit v8 CWE-552: Files or Directories Accessible to External Parties

CVE-2024-38430

Matrix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-38431

Matrix Tafnit v8 CWE-204: Observable Response Discrepancy

CVE-2024-38432

Matrix Tafnit v8 CWE-646: Reliance on File Name or Extension of Externally-Supplied File