CVE-2024-45605 - "Sentry Unauthenticated Alert Notification Deletion Vulnerability"

2 months ago 25
ARTICLE AD BOX
CVE ID : CVE-2024-45605
Published : Sept. 17, 2024, 8:15 p.m. | 24 minutes ago
Description : Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user delete the user issue alert notifications for arbitrary users given a know alert ID. A patch was issued to ensure authorization checks are properly scoped on requests to delete user alert notifications. Sentry SaaS users do not need to take any action. Self-Hosted Sentry users should upgrade to version 24.9.0 or higher. There are no known workarounds for this vulnerability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article