PT-2024-33151 · Aquilacms · Aquilacms

Dos-M0Nk3Y · Published 2024-10-29 · Updated 2024-11-01 · CVE-2024-48572

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

AquilaCMS versions 1.409.20 and prior

Description

The issue arises from insufficient validation of user input, which is processed as a regular expression to find duplicate email addresses via the "Add a user" feature, allowing unauthenticated attackers to obtain email addresses.

Recommendations

For versions 1.409.20 and prior, as a temporary workaround, consider restricting access to the "Add a user" feature until a patch is available. Additionally, ensure that user input is thoroughly validated to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
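
The input validation recommended above, sketched as an added example (not AquilaCMS code and not part of the advisory): it assumes a Node.js backend, and the function names and sample users are hypothetical. It places a duplicate-email lookup that builds its pattern from the submitted value beside a hardened one that treats the value as a literal address.

```javascript
// Added illustration; hypothetical names, not AquilaCMS code.
// Constructed sample data standing in for the user collection.
const USERS = [
  { email: "alice@example.test" },
  { email: "bob.smith@example.test" },
];

// Unsafe: the submitted value becomes the pattern itself, so regex
// metacharacters are interpreted and the yes/no answer reveals matches.
function emailExistsUnsafe(input) {
  const pattern = new RegExp(input, "i");
  return USERS.some((u) => pattern.test(u.email));
}

// Escape every character that has a special meaning in a JavaScript regex.
function escapeRegex(text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Conservative shape check for an address (assumption: not full RFC 5322).
const EMAIL_SHAPE = /^[^\s@]{1,64}@[^\s@]{1,255}$/;

// Hardened: accept only strings, bound the length, check the shape, then
// compare the escaped value anchored at both ends (case-insensitive equality).
// Invalid input throws so the caller can reject the request outright.
function emailExistsSafe(input) {
  if (typeof input !== "string") {
    throw new TypeError("email must be a string");
  }
  if (input.length > 320 || !EMAIL_SHAPE.test(input)) {
    throw new RangeError("email is not a plausible address");
  }
  const pattern = new RegExp("^" + escapeRegex(input) + "$", "i");
  return USERS.some((u) => pattern.test(u.email));
}
```

The hardened lookup still answers whether one exact address is registered, so restricting access to the feature, as the advisory recommends, remains relevant.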

Exploit

Weakness Enumeration

Incorrect Default Permissions

Related Identifiers

CVE-2024-48572

Affected Products

Aquilacms