CVE-2024-13268

Source
https://cve.org/CVERecord?id=CVE-2024-13268
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-13268.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-13268
Published
2025-01-09T19:18:18.307Z
Modified
2026-07-15T01:49:02.115111155Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
Opigno - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-032
Details

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno allows PHP Local File Inclusion.This issue affects Opigno: from 7.X-1.0 before 7.X-1.23.

Database specific
{
    "cna_assigner": "drupal",
    "cwe_ids": [
        "CWE-96"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/13xxx/CVE-2024-13268.json"
}
References

Affected packages

Git / git.drupalcode.org/project/opigno

Affected ranges

Type
GIT
Repo
https://git.drupalcode.org/project/opigno
Events
Introduced
a5756572fa5251206065abef637028018356fe77
Fixed
850793045be3f9a318be79dafd3d9f1e68ac716c
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "7.x-1.0"
        },
        {
            "fixed": "7.x-1.23"
        }
    ]
}

Affected versions

7.*
7.x-1.0
7.x-1.1
7.x-1.10
7.x-1.11
7.x-1.12
7.x-1.13
7.x-1.14
7.x-1.15
7.x-1.16
7.x-1.17
7.x-1.18
7.x-1.19
7.x-1.2
7.x-1.20
7.x-1.21
7.x-1.22
7.x-1.3
7.x-1.4
7.x-1.5
7.x-1.6
7.x-1.7
7.x-1.8
7.x-1.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-13268.json"