VYPR
Medium severity5.9NVD Advisory· Published Mar 21, 2024· Updated Jun 17, 2026

CVE-2024-24028

CVE-2024-24028

Description

Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to view sensitive information via the avatar parameter in function UserLogic::updateWechatInfo.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.