CVE-2024-55602

CVSS V2 None CVSS V3 None
Description
PwnDoc is a penetration test report generator. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an authenticated user who is able to update and download templates can inject path traversal (`../`) sequences into the file extension property to read arbitrary files on the system. Commit 1d4219c596f4f518798492e48386a20c6e9a2fe6 contains a patch for the issue.
Overview
  • CVE ID
  • CVE-2024-55602
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-10T16:58:12.982Z
  • Last Modified Date
  • 2024-12-10T17:22:00.349Z
History
Created Old Value New Value Data Type Notes
2024-12-11 13:16:43 Added to TrackCVE