CVE-2024-12579
CVE-2024-12579
Título es
CVE-2024-12579
Vie, 13/12/2024 – 05:15
Tipo
CWE-400
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-12579
Descripción en
The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can cause catastrophic backtracking and break pages.
13/12/2024
13/12/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
5.30
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
