CVE-2024-10598 – Tongda OA Remote Improper Authorization Vulnerability in Annual Leave Handler

10月 31, 2024
11:20 pm

CVE ID : CVE-2024-10598

Published : Oct. 31, 2024, 10:15 p.m. | 1 hour, 5 minutes ago

Description : A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-10598 – Tongda OA Remote Improper Authorization Vulnerability in Annual Leave Handler

Elvescore.io

Recent Posts

CVE-2024-48197 – Audiocodes MP-202b Cross Site Scripting Privilege Escalation

CVE-2024-56199 – phpMyFAQ HTML Injection Vulnerability

CVE-2025-0173 – SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE-2024-11716 – CTFd Team Bracket Reassignment Vulnerability ( Privilege Escalation )

CVE-2024-11717 – CTFd TokenForgeable Authentication

CVE-2022-45811 – WeyHan Ng Post Teaser Missing Authorization

CVE-2024-10598 – Tongda OA Remote Improper Authorization Vulnerability in Annual Leave Handler

CVE-2024-10598 – Tongda OA Remote Improper Authorization Vulnerability in Annual Leave Handler