CVE-2024-13133

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Jan 5, 2025
CWE ID 434
CWE ID 284

Summary

CVE-2024-13133 is a critical vulnerability affecting ZeroWdd studentmanager 1.0. The issue lies in the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController.java. The vulnerability allows for unrestricted upload of files through manipulation of the argument, making it possible for attackers to initiate the exploit remotely. This vulnerability has been disclosed to the public, increasing the risk of potential exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share