CVE-2024-52297

Published Nov 12, 2024

Last updated 3 months ago

CVSS critical 9.8

Overview

Description
Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This vulnerability is fixed in v3.81.2.
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-200

Social media

Hype score
Not currently trending

  1. CVE-2024-52297 Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This v… https://t.co/T1DBYBSTwJ

    @CVEnew

    12 Nov 2024

    222 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2024-52297: CRITICAL] Critical security update: Tolgee 3.81.1 exposed configuration properties, fixed in v3.81.2. Keep your system secure, update now! #cybersecurity#cybersecurity,#vulnerability https://t.co/dGDJ18NOLf https://t.co/NR61Lzxvz0

    @CveFindCom

    12 Nov 2024

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References