CVE-2024-28698: CLSA Directory Traversal vulnerability
(updated )
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component.
References
- github.com/MarimerLLC/csla
- github.com/MarimerLLC/csla/commit/2c32a5748a0a4bb0159285dfad61d4050e890080
- github.com/MarimerLLC/csla/pull/3552
- github.com/advisories/GHSA-9xhh-3m78-gvgj
- nvd.nist.gov/vuln/detail/CVE-2024-28698
- www.intruder.io/research/path-traversal-and-code-execution-in-csla-net-cve-2024-28698
Detect and mitigate CVE-2024-28698 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →