CVE-2024-34461
PUBLISHED5.0
mitre
Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator.
Affected products
n/a - AFFECTED
References
JSON source
Click to expand
{
"dataType": "CVE_RECORD",
"containers": {
"cna": {
"affected": [
{
"vendor": "n/a",
"product": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"references": [
{
"url": "https://zenar.io/zenario-9/blog/zenario-9560437-patch-released",
"openGraphData": {
"title": "Zenario 9.5.60437 patch released",
"description": "We've released a Zenario version 9.5.60437 update with an important security patch.",
"image": "https://zenar.io/public/images/bGaTC/1102_630/DALL%C2%B7E%202024-02-05%2011.12.14%20-%20A%20wide%20image%20depicting%20a%20young%20man%20wearing%20classic%20blue%20jeans%20with%20a%20security%20patch.%20The%20patch%20is%20designed%20like%20a%20shield%20and%20is%20intricately%20embroidere.png"
}
}
],
"descriptions": [
{
"lang": "en",
"value": "Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"type": "text",
"description": "n/a"
}
]
}
],
"providerMetadata": {
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre",
"dateUpdated": "2024-05-04T04:27:14.966559"
}
}
},
"cveMetadata": {
"cveId": "CVE-2024-34461",
"state": "PUBLISHED",
"dateUpdated": "2024-05-04T04:27:14.966559",
"dateReserved": "2024-05-04T00:00:00",
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"datePublished": "2024-05-04T00:00:00",
"assignerShortName": "mitre"
},
"dataVersion": "5.0"
}