High severity7.8OSV Advisory· Published May 14, 2024· Updated Apr 15, 2026

CVE-2024-31556

Description

An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
reportico-web/reporticoPackagist	<= 8.1.0	—

Affected products

Reportico Web/ReporticoOSV
Range: 4.6, 6.0.10, 6.0.11, …
ghsa-coords
pkg:composer/reportico-web/reportico
Range: <= 8.1.0

Patches

Vulnerability mechanics

References

github.com/advisories/GHSA-2q2f-h83x-cx3xghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2024-31556ghsaADVISORY
github.com/reportico-web/reportico/issues/53nvdWEB

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000