Vulnerabilities

CVE-2024-54909

by Fred · 06/02/2025

A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path parameter of the /api/resource/local/download endpoint, where manipulation of this parameter can lead to arbitrary file download.

More information : https://github.com/goldpankit/eva-springboot2/issues/2

Similar

Tags: Cybersecurity Alert