CVE-2024-38371 : GOAUTHENTIK PRIOR 2024.2.4/2024.4.3/2024.6.0 ACCESS CONTROL

Description

authentik is an open-source Identity Provider. Access restrictions assigned to an application were not checked when using the OAuth2 Device code flow. This could potentially allow users without the correct authorization to get OAuth tokens for an application and access it. This issue has been patched in version(s) 2024.6.0, 2024.2.4 and 2024.4.3.

References

https://github.com/goauthentik/authentik/security/advisories/GHSA-jq3m-37m7-gp45

https://github.com/goauthentik/authentik/releases/tag/version%2F2024.2.4

https://github.com/goauthentik/authentik/releases/tag/version%2F2024.4.3

https://github.com/goauthentik/authentik/releases/tag/version%2F2024.6.0

For More Information

CVERecord

Common Vulnerabilities and Exposures


CVE-2024-5711 : STITIONAI DEVIKA CROSS SITE SCRIPTING

Description

Cross-site Scripting (XSS) – Stored in GitHub repository stitionai/devika prior to -.

References

https://huntr.com/bounties/6c00ff84-574b-4b4f-bd58-aa7ec1809662

https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2

For More Information

CVERecord

CVE-2024-38330 : IBM I 7.2/7.3/7.4 UNCONTROLLED SEARCH PATH

Description

IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due

CVE-2024-6539 : HEYEWEI SPRINGBOOTCMS UP TO 2024-05-28 GUESTBOOK /GUESTBOOK CONTENT CROSS SITE SCRIPTING

Description

A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function