CVE-2024-1297
Loomio version 2.22.0 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to OS Command Injection.
More information : https://fluidattacks.com/advisories/stones
Loomio version 2.22.0 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to OS Command Injection.
More information : https://fluidattacks.com/advisories/stones