In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HTelerik Ui For Wpf
APPTelerik< 2024.3.924
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2024-10095HIGH8.4ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible th...
CVE-2024-10012HIGH7.8ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible th...
CVE-2024-7576HIGH7.8ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible thr...
CVE-2024-7679HIGH7.8ten sam produkt
In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is poss...
CVE-2024-8316HIGH7.8ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible thr...