Detections
Analytics

CVE-2024-2064

medium

Description

A vulnerability has been found in rahman SelectCours 1.0 and classified as problematic. Affected by this vulnerability is the function getCacheNames of the file CacheController.java of the component Template Handler. The manipulation of the argument fragment leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255379.

References

https://vuldb.com/?id.255379

https://vuldb.com/?ctiid.255379

https://github.com/Andriesces/SelectCours-_Sever-side-Template-injection/blob/main/README.md

Details

Source: Mitre, NVD

Published: 2024-03-01

Updated: 2024-05-17

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Severity: Medium