{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-19T23:32:28.774","vulnerabilities":[{"cve":{"id":"CVE-2024-8412","sourceIdentifier":"cna@vuldb.com","published":"2024-09-04T16:15:09.393","lastModified":"2026-06-17T08:22:32.007","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. Affected is an unknown function of the file comments/views.py. The manipulation of the argument next leads to open redirect. It is possible to launch the attack remotely. The name of the patch is ebd1c2cba59cbac198bf2fd5a10565994d4f02cb. It is recommended to apply a patch to fix this issue."},{"lang":"es","value":"Se ha encontrado una vulnerabilidad clasificada como problemática en LinuxOSsk Shakal-NG hasta la versión 1.3.3. Se ve afectada una función desconocida del archivo comments/views.py. La manipulación del argumento next provoca una redirección abierta. Es posible lanzar el ataque de forma remota. El nombre del parche es ebd1c2cba59cbac198bf2fd5a10565994d4f02cb. Se recomienda aplicar un parche para solucionar este problema."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"LinuxOSsk","product":"Shakal-NG","versions":[{"version":"1.3.0","status":"affected"},{"version":"1.3.1","status":"affected"},{"version":"1.3.2","status":"affected"},{"version":"1.3.3","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-04T15:43:41.630977Z","id":"CVE-2024-8412","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxos:shakal-ng:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.3","matchCriteriaId":"F6248D95-9207-49D3-BD21-0A8003C1F0BF"}]}]}],"references":[{"url":"https://github.com/LinuxOSsk/Shakal-NG/commit/ebd1c2cba59cbac198bf2fd5a10565994d4f02cb","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/LinuxOSsk/Shakal-NG/issues/202","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/LinuxOSsk/Shakal-NG/issues/202#issuecomment-2325187434","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/?ctiid.276492","source":"cna@vuldb.com","tags":["Permissions Required"]},{"url":"https://vuldb.com/?id.276492","source":"cna@vuldb.com","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?submit.400792","source":"cna@vuldb.com","tags":["Third Party Advisory"]}]}}]}