12Mar
CVE-2024-28197 | Zitadel up to 2.44.2/2.45.0 Cookie privileges management (GHSA-mq4x-r2w3-j7mr)
A vulnerability was found in Zitadel up to 2.44.2/2.45.0. It has been classified as critical. This affects an unknown part of the component Cookie Handler. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2024-28197. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.