CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Opft: >> Session >> 1.17.5 Security Vulnerabilities

CVE-2024-2045

Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments.

CVSS Score

5.5

EPSS Score

0.001

Published

2024-03-01

Page 1

Vulnerabilities

Vulnerable Software

Opft: >> Session >> 1.17.5 Security Vulnerabilities

Products

Pricing

Contact Us