mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
37 lines
1.3 KiB
JSON
37 lines
1.3 KiB
JSON
{
|
|
"id": "CVE-2024-37879",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-09-20T17:15:14.970",
|
|
"lastModified": "2024-09-26T13:32:55.343",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields \"siteTitle\", \"siteIco\" and \"siteLogo\"."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La validaci\u00f3n de entrada incorrecta en /admin/config/save en User-friendly SVN (USVN) anterior a v1.0.12 y anteriores permite a los administradores ejecutar c\u00f3digo arbitrario a trav\u00e9s de los campos \"siteTitle\", \"siteIco\" y \"siteLogo\"."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/usvn/usvn/commit/6b4678954fca9635154743b95ff9c8947cf5f46f",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/usvn/usvn/releases/tag/1.0.12",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.usvn.info/2024/06/09/usvn-1.0.12",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.usvn.info/news.html",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |