CVE-2024-51749
CVE-2024-51749
Título es
CVE-2024-51749
Mar, 12/11/2024 – 17:15
Tipo
CWE-451
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-51749
Descripción en
Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in element-web 1.11.85.
12/11/2024
12/11/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
3.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW
Referencias
Enviar en el boletín
Off
