Guangzhou Huayi Intelligent Technology Jeewms Information Disclosure Vulnerability in WmOmNoticeHCon
CVE-2024-11961 Published on November 28, 2024
Guangzhou Huayi Intelligent Technology Jeewms WmOmNoticeHController.java preHandle information disclosure
A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2024-11961 has been classified to as an Information Disclosure vulnerability or weakness.
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2024-11961 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2024-11961
Want to know whenever a new CVE is published for Huayi Tec Jeewms? stack.watch will email you.
Affected Versions
Guangzhou Huayi Intelligent Technology Jeewms:- Version 3.7 is affected.
- Version 3.7 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.