PT-2023-12401 · Unknown+1 · Trampgeek Jobe+1

Jobe

Publicado

2022-08-26

Atualizado

2025-05-28

CVE-2021-4297

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions trampgeek jobe versions 1.6.4 and earlier

Description A vulnerability has been found in the function runs post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness.

Recommendations For versions 1.6.4 and earlier, upgrade to version 1.6.5 to address this issue. As a temporary workaround, consider restricting the manipulation of the sourcefilename argument in the runs post function until the upgrade is applied.

Correção

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

ALT-PU-2022-2503

ALT-PU-2022-2554

CVE-2021-4297

Produtos afetados

Alt Linux

Trampgeek Jobe

PT-2023-12401 · Unknown+1 · Trampgeek Jobe+1

CVE-2021-4297

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9