In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HTelerik Ui For Wpf
APPTelerik< 2024.3.924
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2024-10095HIGH8.4ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible th...
CVE-2024-10012HIGH7.8ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1111), a code execution attack is possible th...
CVE-2024-7576HIGH7.8ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible thr...
CVE-2024-7679HIGH7.8ten sam produkt
In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is poss...
CVE-2024-8316HIGH7.8ten sam produkt
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible thr...