PT-2023-12401 · Unknown+1 · Trampgeek Jobe+1
Jobe
+1
·
Published
2022-08-26
·
Updated
2025-05-28
·
CVE-2021-4297
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
trampgeek jobe versions 1.6.4 and earlier
Description
A vulnerability has been found in the function
runs post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness.Recommendations
For versions 1.6.4 and earlier, upgrade to version 1.6.5 to address this issue. As a temporary workaround, consider restricting the manipulation of the
sourcefilename argument in the runs post function until the upgrade is applied.Fix
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Trampgeek Jobe