High severity7.2NVD Advisory· Published Feb 20, 2024· Updated Apr 20, 2026
CVE-2024-1297
CVE-2024-1297
Description
Loomio version 2.22.0 allows executing arbitrary commands on the server.
This is possible because the application is vulnerable to OS Command Injection.
Affected products
1Patches
16bc5429bfb5aVulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2- fluidattacks.com/advisories/stonesnvdExploitVendor Advisory
- github.com/loomio/loomio/commit/6bc5429bfb5a9c7c811a4487d97ea54a8b23a0fanvd
News mentions
0No linked articles in our index yet.