CVE-2024-51992: Orchid Platform has Method Exposure Vulnerability in Modals
(updated )
This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecting users of Orchid Platform version 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within the Screen
class, leading to potential brute force of database tables, validation checks against user credentials, and disclosure of the server’s real IP address.
References
Detect and mitigate CVE-2024-51992 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →