CVE-2024-38746

Name of the Vulnerable Software and Affected Versions MakeStories (for Google Web Stories) versions n/a through 3.0.3

Description The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows for Path Traversal and Server Side Request Forgery. This enables unauthorized access to files and directories outside the intended restricted directory.

Recommendations For MakeStories (for Google Web Stories) versions n/a through 3.0.3, update to a version later than 3.0.3 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.