CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

10月 1, 2024
4:56 pm

A vulnerability was found in eLabFTW up to 5.0.x. It has been classified as critical. Affected is the function saml_team_create. The manipulation leads to incorrect privilege assignment.

This vulnerability is traded as CVE-2024-25632. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

Elvescore.io

Recent Posts

CVE-2024-11852 – Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress Unauthenticated Data Access Vulnerability

CVE-2024-12884 – Codezips E-Commerce Website SQL Injection

CVE-2024-51463 – IBM i SSRF

CVE-2024-51464 – IBM Navigator for i Access Bypass Vulnerability

CVE-2024-12883 – Code-projects Job Recruitment Cross Site Scripting

CVE-2024-12875 – Easy Digital Downloads WordPress Directory Traversal Vulnerability

CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)

CVE-2024-25632 | eLabFTW up to 5.0.x saml_team_create privileges assignment (GHSA-6m7p-gh9f-5mgg)