CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-12251

In Progress® Telerik® UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.1%

CVSS Severity

CVSS v3 Score 7.8

References

https://docs.telerik.com/devtools/winui/security/kb-security-command-injection-cve-2024-12251

Products affected by CVE-2024-12251

Telerik » Ui For Winui » Version: 2.0.0

cpe:2.3:a:telerik:ui_for_winui:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-12251

Products

Pricing

Contact Us