Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the vulnerability.
CVSS
No CVSS.
References
Configurations
No configuration.
History
28 Oct 2024, 13:58
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Oct 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 |
25 Oct 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-25 14:15
Updated : 2024-10-28 13:58
NVD link : CVE-2024-49380
Mitre link : CVE-2024-49380
CVE.ORG link : CVE-2024-49380
JSON object : View
Products Affected
No product.