PT-2024-17285 · Plextrac · Plextrac

Ianis Bernard · Published 2024-12-13 · Updated 2024-12-13 · CVE-2024-11838

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PlexTrac versions 1.61.3 through 2.8.1

Description

PlexTrac is affected by an external control of file name or path vulnerability that allows local code inclusion through an undocumented API endpoint.

Recommendations

For versions 1.61.3 through 2.8.1, update to version 2.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the undocumented API endpoint until a patch is available.

Related Identifiers

CVE-2024-11838

Affected Products

Plextrac