The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they do not offer product functionality
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-03-19T12:09:48.232Z
Updated: 2024-03-19T12:16:04.540Z
Reserved: 2024-03-19T06:45:01.569Z
Link: CVE-2024-2635
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-03-19T12:15:09.993
Modified: 2024-03-19T13:26:46.000
Link: CVE-2024-2635
JSON object: View
Redhat Information
No data.
CWE