CVE-2024-24724 – Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side …

3 April 2024

Vuln ID: CVE-2024-24724

Published: 2024-04-03 03:15:09.173

Description: Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization.

Base Score: –

Vector:

Source: NVD.NIST.GOV

Date:

3 April 2024

Categorie(s):

NVD

Tag(s):

NVD

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials27 July 2024
PKFail bug puts firmware security at risk26 July 2024
Deepfake misuse & deepfake detection (before it’s too late)26 July 2024
Cyber insurance provider Cowbell reels in $60M to grow its product portfolio26 July 2024
Twitter, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland… – SWN #40126 July 2024