CVE-2024-38453 | THREATINT

Description

The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024.

PUBLISHED Reserved 2024-06-16 | Published 2024-07-03 | Updated 2024-08-02 | Assigner mitre

References

appexchange.salesforce.com/...l?listingId=a0N3A00000FKAoOUAX

deneyed.com/blog/avalara/

appexchange.salesforce.com/...l?listingId=a0N3A00000FKAoOUAX

deneyed.com/blog/avalara/

cve.org (CVE-2024-38453)

nvd.nist.gov (CVE-2024-38453)

Download JSON

help @ threatint.eu