Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-46635

Oct. 4, 2024, 1:51 p.m.

Tags

cve@mitre.org
2024-09-30
CVE-2024-46635

Product(s) Impacted

INROAD

  • before v202402060

Description

An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows attackers to access sensitive information via a crafted payload to the UserNameOrPhoneNumber parameter.

Weaknesses

Date

Published: Sept. 30, 2024, 6:15 p.m.

Last Modified: Oct. 4, 2024, 1:51 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://hithub.notion.site/ cve@mitre.org