CVE-2024-47836

Admidio vulnerable to HTML Injection In The Messages Section

Description

Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue.

INFO

Published Date :

2024-10-16T19:43:07.894Z

Last Modified :

2024-10-16T20:07:29.259Z

Source :

GitHub_M

AFFECTED PRODUCTS

The following products are affected by CVE-2024-47836 vulnerability.

Vendors	Products
Admidio	Admidio

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47836.

URL	Resource
https://github.com/Admidio/admidio/security/advisories/GHSA-7c4c-749j-pfp2

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact