VYPR
Unrated severityNVD Advisory· Published Apr 3, 2024· Updated Aug 16, 2024

CVE-2024-24724

CVE-2024-24724

Description

Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Gibbon/Gibboncpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=26.0.00

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.