CVE-2024-32830

Name of the Vulnerable Software and Affected Versions BuddyForms versions n/a through 2.8.8

Description The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows Server Side Request Forgery and Relative Path Traversal. This enables unauthorized access to files and directories outside the intended restricted directory.

Recommendations For versions n/a through 2.8.8, update to a version later than 2.8.8 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.