Vulnerability Report: GO-2024-2613

CVE-2024-27288, GHSA-26w3-q4j8-4xjp
Affects: github.com/1Panel-dev/1Panel
Published: Mar 14, 2024
Modified: May 20, 2024

If the user attempts to access a secure entry point and intercepts with Burp, they can get access to the console page. This access does not return data nor allow modification operations.

For detailed information about this vulnerability, visit https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-26w3-q4j8-4xjp.

Affected Modules

Path

Go Versions
github.com/1Panel-dev/1Panel

before v1.10.1-lts

Aliases

CVE-2024-27288
GHSA-26w3-q4j8-4xjp

References

https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-26w3-q4j8-4xjp
https://github.com/1Panel-dev/1Panel/releases/tag/v1.10.1-lts
https://github.com/1Panel-dev/1Panel/pull/4014
https://vuln.go.dev/ID/GO-2024-2613.json

Feedback

See anything missing or incorrect? Suggest an edit to this report.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL