Improper Input Validation

2024-02-2707:44:01

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

pretix software security vulnerability

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

pretix is vulnerable to Improper Input Validation. The vulnerability is due to improper validation of files uploaded by users, which could allow attackers to upload malicious files and execute arbitrary code.

CPENameOperatorVersion
pretixle2024.1.0
pretixle2024.1.0

CPE	Name	Operator	Version
	pretix	le	2024.1.0
	pretix	le	2024.1.0

References

github.com/advisories/GHSA-672r-97r7-vx2q

github.com/pretix/pretix/commit/77b0b7d1ae9acb91c354679d7578e6a6104bb18e