Critical severity9.8GHSA Advisory· Published Mar 18, 2024· Updated Apr 15, 2026
CVE-2024-28125
CVE-2024-28125
Description
FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.fitnesse:fitnesseMaven | <= 20240707 | — |
Affected products
2Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.