CVE-2024-10315
Nov. 18, 2024, 10:15 p.m.
Tags
Product(s) Impacted
Gliffy Online
- before 4.14.0-6
Description
In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD.
Weaknesses
CWE-942
Permissive Cross-domain Policy with Untrusted Domains
The product uses a cross-domain policy file that includes domains that should not be trusted.
CWE ID: 942Date
Published: Nov. 11, 2024, 8:15 p.m.
Last Modified: Nov. 18, 2024, 10:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
security@puppet.com
References
https://portal.perforce.com/
security@puppet.com