Croogo

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2024-29643 CRITICAL POC Act Now

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Code Injection Croogo

NVD

CVSS 3.1

9.1

EPSS

0.4%

CVE-2024-29643

EPSS 0% CVSS 9.1

CRITICAL POC Act Now

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Code Injection Croogo

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy