CVE-2024-52427

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 94
CWE ID 1336

Summary

CVE-2024-52427 is a new vulnerability affecting Saso Nikolov Event Tickets with Ticket Scanner. The issue stems from an Improper Neutralization of Special Elements Used in a Template Engine, which enables Server Side Include (SSI) Injection. This vulnerability, present in versions from n/a through 2.3.11, can potentially allow unauthorized server access and data manipulation, posing a significant security risk to organizations using the affected software.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share