CVE-2024-37879

Published
View on NVD ↗
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo".

usvn/usvn
usvn/usvn
Manage Subversion repositories via a web interface
GitHubGitHub
175