CVE-2024-24724 in Gibbon
Riassunto
di MITRE • 03/04/2024
Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.