CVE-2024-37879

Publication date

2024-09-20 00:00:00

Family

mitre

State

PUBLISHED

Description

Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo".