Details on CVE-2024-38909 #2
Description
Hi,
could you please provide some more details on CVE-2024-38909?
-
What exactly is the nature of this vulnerability?
-
What exactly is the nature of the "incorrect access control"?
-
How can this vulnerability be exploited?
Note: The vendor / product URL provided in the CVE record appears to be (no longer?) correct. This seems to point to the correct product:
https://studio-42.github.io/elFinder/
https://github.com/Studio-42/elFinder
Thanks in advance.