VYPR
Critical severity9.8GHSA Advisory· Published Mar 18, 2024· Updated Apr 15, 2026

CVE-2024-28125

CVE-2024-28125

Description

FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.fitnesse:fitnesseMaven
<= 20240707

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.