CVE-2024-40404 Information

Description

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established.

Reference

https://blog.cybelesoft.com/thinfinity-workspace-security-bulletin-nov-2024/