CVE-2024-29831

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 12, 2024
CWE ID 20

Summary

CVE-2024-29831 is a newly identified vulnerability affecting Apache DolphinScheduler. This issue involves improper input validation, allowing authenticated users to execute arbitrary, unsandboxed JavaScript code on the server. Users who utilize the switch task plugin are advised to upgrade to version 3.2.2 to mitigate this risk. This vulnerability could potentially be exploited to gain unauthorized access, disrupt services, or steal sensitive data.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share