Post from 2024-01-15 07:30:55

SRC-2024-0001 : Trackplus Allegra Service Desk Module UploadHelper upload Directory Traversal Remote Code Execution Vulnerability

https://srcincite.io/advisories/src-2024-0001/

"First bug for 2024 and first (public) targeted exploitation of CVE-2023-50164/S2-066 Apache Struts File Upload RCE! That's 10 years of VR with public disclosure!" - https://twitter.com/steventseeley/status/1746761587942453494