alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, an attacker can access data from other organizers. The attacker can use a specially crafted request to receive the e-mail log sent by other events. Version 2.0-M4-2402 fixes this issue.
History

Wed, 18 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Alf
Alf alf
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:alf:alf:*:*:*:*:*:*:*:*
Vendors & Products Alf
Alf alf

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-02-19T19:53:52.668Z

Updated: 2024-08-01T23:44:09.810Z

Reserved: 2024-02-08T22:26:33.513Z

Link: CVE-2024-25634

cve-icon Vulnrichment

Updated: 2024-08-01T23:44:09.810Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-19T20:15:45.707

Modified: 2024-12-18T17:55:31.463

Link: CVE-2024-25634

cve-icon Redhat

No data.