PT-2024-26246 · Unknown · R-Pan-Scaffolding

Published: 2024-05-15 · Updated: 2024-08-29 · CVE-2024-34913

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: r-pan-scaffolding versions 5.0 and below

Description: An arbitrary file upload vulnerability allows attackers to execute arbitrary code by uploading a crafted PDF file.

Recommendations: For versions 5.0 and below, consider restricting access to the file upload functionality until a fix is available. As a temporary workaround, avoid using the file upload feature in r-pan-scaffolding until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2024-34913

Affected Products: R-Pan-Scaffolding