CVE-2024-8304: jpress Template Module edit path traversal
First published: Thu Aug 29 2024(Updated: )
A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/template/edit of the component Template Module Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| openMairie Openpresse | <=5.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-8304?
CVE-2024-8304 is classified as a critical severity vulnerability.
How do I fix CVE-2024-8304?
To fix CVE-2024-8304, you should upgrade jpress to version 5.1.2 or later.
What type of vulnerability is CVE-2024-8304?
CVE-2024-8304 is a path traversal vulnerability found in the Template Module Handler.
Which versions of jpress are affected by CVE-2024-8304?
CVE-2024-8304 affects jpress versions up to and including 5.1.1.
What component is impacted by CVE-2024-8304?
The impacted component in CVE-2024-8304 is the Template Module Handler located at /admin/template/edit.
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/title
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/jpress
- canonical/openmairie openpresse
- version/openmairie openpresse/5.1.1