CVE-2024-44860
HIGHSolvait 24.4.2 - Information Disclosure via /Letter/PrintQr/ Endpoint
Title source: llmDescription
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://gist.github.com/walhajri/e03974097d1fd4eb698a6a80931bdd45
Product
https://www.solvait.com/
Scores
CVSS v3
7.5
EPSS
0.0050
EPSS Percentile
39.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (1)
solvait/solvait
24.4.2
Published
Sep 26, 2024
Tracked Since
Feb 18, 2026