CVE-2024-28698

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-28698

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-28698.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-28698

Aliases

GHSA-9xhh-3m78-gvgj

Published

2024-07-22T18:15:03.120Z

Modified

2026-03-14T12:33:15.574546Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component.

References

Affected packages

Git / github.com/MarimerLLC/csla

Affected ranges

Type

GIT

Repo

https://github.com/MarimerLLC/csla

Events

Introduced

Fixed

2dd9b1fc2e0d1bfaa6634847fe183dd9fb2a20e0

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "8.0"
        }
    ]
}

Affected versions

4.*

4.5.500

4.5.501

4.5.681

4.5.700

Other

V1-51

V2-0-0

V2-0-begin

V2-1-4

V3-0-5

V4-0-0

V4-1-0

V4-2-0

V4-3-10

V4-5-10

V4-5-12

V4-5-13

V4-5-14

V4-5-15

V4-5-20

V4-5-begin

V4.*

V4.5.30

V4.5.40

v4.*

v4.5.600

v4.5.601

v4.6.001

v4.6.100

v4.6.200

v4.6.300

v4.6.400

v4.6.500

v4.6.600

v4.6.601

v4.6.602

v4.6.603

v4.7.100

v4.7.101

v4.7.200

v4.8.0

v4.8.1

v4.8.1.1

v4.9.0

v5.*

v5.0.0

v5.0.1

v5.1.0

v5.2.0

v5.3.0

v5.3.1

v5.3.2

v5.4.0

v6.*

v6.0.0

v6.1.0

v6.2.0

v7.*

v7.0.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-28698.json"