An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file
References
Link | Resource |
---|---|
https://gist.github.com/nyxfqq/b53b0148b9aa040de63f58a68fd11445 | Third Party Advisory |
Configurations
History
15 Aug 2024, 13:02
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-295 | |
First Time |
Beego
Beego beego |
|
CPE | cpe:2.3:a:beego:beego:*:*:*:*:*:*:*:* | |
References | () https://gist.github.com/nyxfqq/b53b0148b9aa040de63f58a68fd11445 - Third Party Advisory |
06 Aug 2024, 18:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-599 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
01 Aug 2024, 12:42
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
31 Jul 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-31 21:15
Updated : 2024-08-15 13:02
NVD link : CVE-2024-40464
Mitre link : CVE-2024-40464
CVE.ORG link : CVE-2024-40464
JSON object : View
Products Affected
beego
- beego