Unrated severityNVD Advisory· Published Oct 31, 2024· Updated Nov 1, 2024
Tongda OA Annual Leave data.php improper authorization
CVE-2024-10598
Description
A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected products
2- Tongda/OAv5Range: 11.2
Patches
Vulnerability mechanics
References
4- github.com/LvZCh/td/issues/1mitreexploitissue-tracking
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entry
News mentions
0No linked articles in our index yet.