PT-2024-37073 · Simofa · Simofa

Truewinter · Published 2024-12-30 · Updated 2025-01-04 · CVE-2024-56799

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Simofa versions prior to 0.2.7

Description

Simofa is a tool to help automate static website building and deployment. Due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they should require authentication.

Recommendations

For versions prior to 0.2.7, upgrade to version 0.2.7 to resolve the issue. As a temporary workaround, consider restricting access to sensitive API routes until the upgrade is applied.

Exploit

Fix

Missing Authentication

Weakness Enumeration

Related Identifiers

CVE-2024-56799
GHSA-83QW-5QQ5-V7PQ

Affected Products

Simofa