CVE-2024-41657 | Casdoor up to 1.577.0 cross-domain policy (GHSL-2024-035)

8月 21, 2024
5:56 am

A vulnerability was found in Casdoor up to 1.577.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is uniquely identified as CVE-2024-41657. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-41657 | Casdoor up to 1.577.0 cross-domain policy (GHSL-2024-035)

Elvescore.io

Recent Posts

CVE-2024-10000 – Masteriyo LMS – WordPress Stored Cross-Site Scripting (XSS)

CVE-2024-10008 – Masteriyo LMS WordPress Plugin Role Escalation Vulnerability

CVE-2024-10479 – LinZhaoguan pb-cms Theme Management Module Remote Cross-Site Scripting Vulnerability

CVE-2024-22065 – “ZTE MF258 Pro Command Injection Vulnerability”

CVE-2024-10477 – LinZhaoguan pb-cms Cross-Site Scripting Vulnerability

CVE-2024-10478 – LinZhaoguan pb-cms Cross Site Scripting Vulnerability

CVE-2024-41657 | Casdoor up to 1.577.0 cross-domain policy (GHSL-2024-035)

CVE-2024-41657 | Casdoor up to 1.577.0 cross-domain policy (GHSL-2024-035)