PT-2024-35471 · Flagsmith · Flagsmith
Published
2024-11-16
·
Updated
2024-11-18
·
CVE-2024-52871
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Flagsmith versions prior to 2.134.1
Description:
The issue allows bypassing the
ALLOW REGISTRATION WITHOUT INVITE setting.Recommendations:
For versions prior to 2.134.1, update to version 2.134.1 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Flagsmith