[HIGH] Craft CMS Arbitrary System File Read

PKSA-jkbm-w624-yb7q CVE-2024-52292 GHSA-cw6g-qmjq-6w2w

Affected version: >=3.5.13,<=4.12.6.1|>=5.0.0-alpha.1,<=5.4.7.1

Reported by:
GitHub

[HIGH] Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution

PKSA-mtjx-x487-29s9 CVE-2024-52291 GHSA-jrh5-vhr9-qh7q

Affected version: >=4.0.0-RC1,<=4.12.4.1|>=5.0.0-RC1,<=5.4.5.1

Reported by:
GitHub