CVEs-PoC/2024/CVE-2024-45189.md at dc3bd6cd71a486f862e7cf4da52fce4cfeb10e52 - CVEs-PoC - MS-GitHub-Backup (Gitea)

CalvinBackup/CVEs-PoC

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-01 15:11:34 +02:00

Files

T

0xMarcio 8d17e0c8f8 Update CVE sources 2024-08-24 17:55

2024-08-24 17:55:21 +00:00

689 B

Raw Blame History

CVE-2024-45189

Description

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request

POC

Reference

https://research.jfrog.com/vulnerabilities/mage-ai-git-content-request-remote-arbitrary-file-leak-jfsa-2024-001039604/

Github

No PoCs found on GitHub currently.