Back

CVE-2024-34461

May 4, 2024, 5:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Zenario

  • before 9.5.60437

Source

cve@mitre.org

Tags

cve@mitre.org
2024-05-04
CVE-2024-34461

CVE-2024-34461 details

Published : May 4, 2024, 5:15 a.m.
Last Modified : May 4, 2024, 5:15 a.m.

Description

Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://zenar.io/zenario-9/blog/zenario-9560437-patch-released cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.