CVE-2024-23188

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the user's browser session. Common user interaction is required for the issue to trigger. Attackers could perform malicious API requests or extract information from the user's account. The vulnerability is addressed by deploying provided updates and patch releases, which implement safer methods of handling external content when embedding attachment information to the web interface. No publicly available exploits are known.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.