CVE-2024-24292
CVE-2024-24292 affects Aliconnect /sdk v0.0.6. The vulnerability is a prototype pollution in the aim.js component’s aim function, enabling arbitrary code execution. CVSS v3.1 metrics indicate a critical impact (9.8) with network attack vector, no privileges required, no user interaction, and high...