Back

CVE-2024-33880

June 24, 2024, 7:26 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

VirtoSoftware Virto Bulk File Download

  • 5.5.44 for SharePoint 2019

Source

cve@mitre.org

Tags

cve@mitre.org
2024-06-24
CVE-2024-33880

CVE-2024-33880 details

Published : June 24, 2024, 5:15 p.m.
Last Modified : June 24, 2024, 7:26 p.m.

Description

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://docs.virtosoftware.com/v/virto-security-frequently-asked-questions-faq&gt%3B cve@mitre.org
https://download.virtosoftware.com/Manuals/nu_ncsc_virto_one_bulk_file_download_v5.4.4_pt_disclosure.pdf cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.