Vulnerabilities

CVE-2024-36076

by Fred · 19/05/2024

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session.

More information : https://github.com/Syslifters/sysreptor/releases/tag/2024.40

Similar

Tags: Cybersecurity Alert