In Telerik Reporting versions prior to 2024 R1, a...
High severity
Unreviewed
Published
Jan 31, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Jan 31, 2024
Published to the GitHub Advisory Database
Jan 31, 2024
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
References