Security Advisory
CVE-2024-37879
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo".