CVE-2024-2064

Name of the Vulnerable Software and Affected Versions rahman SelectCours version 1.0

Description A vulnerability has been found in the function getCacheNames of the file CacheController.java of the component Template Handler. The manipulation of the argument fragment leads to injection. The attack can be launched remotely.

Recommendations For version 1.0, consider disabling the getCacheNames function until a patch is available to prevent exploitation. Restrict access to the Template Handler component to minimize the risk of injection attacks. Avoid using the fragment argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.