CVE-2024-29643 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component.
Critical CVSS: 9.1

CVE-2024-29643

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component.
Vendor
Croogo
Product
Croogo
CWE
CWE-444
Yayın Tarihi
2025-04-18 15:15:53
Güncelleme
2025-05-28 15:51:17
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-444 Croogo CRITICAL Croogo 2025

Referanslar

https://medium.com/@christbowel6/cve-2024-29643-host-header-injection-in-croogo-v3-0-2-0aded525f574 https://medium.com/@christbowel6/cve-2024-29643-host-header-injection-in-croogo-v3-0-2-0aded525f574