Known Vulnerabilities
CVE-2024-7840
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
HIGH
CVSS 7.8
Published Oct 09, 2024
CVE-2024-8048
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible using object injection via insecure expression evaluation.
HIGH
CVSS 7.8
Published Oct 09, 2024
CVE-2024-8014
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code execution attack is possible through object injection via an insecure type resolution vulnerability.
HIGH
CVSS 8.8
Published Oct 09, 2024