2 matches found
CVE-2024-27612
Numbas editor prior to version 7.3 mishandles editing of themes and extensions, leading to potential remote code execution (as evidenced by public exploits for ≤7.2). Public advisories (PT-2024-21967) recommend updating to 7.3 or later to resolve the issue.
CVE-2024-27613
CVE-2024-27613 affects the Numbas editor prior to version 7.3, where the issue is a mishandling of reading themes and extensions in the editor. The CVE has a CVSS v3.1 base score of 7.3 (HIGH), with network attack vector, no privileges required, and no user interaction. Impact is described as low...