← Back to CVE List
CVE-2024-28135
A low privileged remote attacker can use a command injection vulnerability in the API which performs
remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt