Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-27185)

Description

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

Remediation

References

Related Vulnerabilities

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (2.8.8)

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-35811)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Open Redirect (2.1.6)

WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (2.13)

WordPress Plugin Yakadanda Google+ Hangout Events Cross-Site Scripting (0.3.7)

Severity

Critical

Classification

CVE-2024-27185 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Tags

Missing Update Known Vulnerabilities