You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -36,7 +36,7 @@ A critical vulnerability in ProjectSend, a widely-used open-source file-sharing
## Recommendations
To remediate {% cve CVE-2024-11680 %}, upgrade to version r1720 or later.
To remediate {% cve CVE-2024-11680 %}, upgrade ProjectSend to version r1720 or later to resolve the improper authorisation vulnerability. Limit public access by applying strict network controls and review server logs for unusual activity, especially targeting `options.php` or unauthorised uploads in `upload/files/`. For any compromised systems, remove malicious files, restore original configurations, and investigate further for signs of exploitation. Establish a patch management process to ensure timely updates and minimise exposure to future vulnerabilities
