Security Advisory

CVE-2024-49380

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-25 13:04:01

Last updated 2024-10-25 14:24:31

Assigner GitHub_M

State PUBLISHED

Description

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the vulnerability.

← Browse all CVEs View on cve.org ↗