CVE-2024-49381
- Reference to the description:
- Description:
- Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerability.
- Last updated date:
- 11/14/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/14/2024
- Reference url to background
https://securitylab.github.com/advisories/GHSL-2024-297_GHSL-2024-298_plenti/