CVE-2024-23759 Information

Feb 13, 2024 cve

Description

Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via \search\ parameter of the Parcelshopfinder/AddAddressBookEntry\ function.

Reference

https://herolab.usd.de/security-advisories/usd-2023-0046/

Share on: