PT-2024-35163 · Tolgee · Tolgee
Jan Cizmar
·
Published
2024-11-12
·
Updated
2024-11-13
·
CVE-2024-52297
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Tolgee version 3.81.1
Description
Tolgee is an open-source localization platform. The issue concerns the public exposure of all configuration properties in the
PublicConfigurationDTO to users.Recommendations
For Tolgee version 3.81.1, update to version 3.81.2 to resolve the issue.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tolgee