First published: Mon Feb 12 2024(Updated: )
Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gambio Gambio | =4.9.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.