Editor
CVE-2024-27612
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from Vendor (mitre) · only source for this CVE.
CVSS VectorVendor: mitre
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionCVE.org
Numbas editor before 7.3 mishandles editing of themes and extensions.
AnalysisAI
Numbas editor before 7.3 mishandles editing of themes and extensions. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Numbas editor before 7.3 mishandles editing of themes and extensions. Affected products include: Numbas Editor. Version information: before 7.3.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
CVE-2025-59489 is a security vulnerability (CVSS 7.4) that allows argument injection that can result. Risk factors: publ
Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute arbitrary code via a c
Numbas editor before 7.3 mishandles reading of themes and extensions. Rated high severity (CVSS 7.3), this vulnerability
Same weakness CWE-20 – Improper Input Validation
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today