CVE-2024-52427
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 94
CWE ID 1336
Summary
CVE-2024-52427 is a new vulnerability affecting Saso Nikolov Event Tickets with Ticket Scanner. The issue stems from an Improper Neutralization of Special Elements Used in a Template Engine, which enables Server Side Include (SSI) Injection. This vulnerability, present in versions from n/a through 2.3.11, can potentially allow unauthorized server access and data manipulation, posing a significant security risk to organizations using the affected software.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share