Vulnerabilities > Progress > Loadmaster > 7.1.35.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-22 | CVE-2024-2448 | OS Command Injection vulnerability in Progress Loadmaster 7.1.35.10/7.2.48.10 An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI user with any permission settings may be able to inject commands into a UI component using a shell command resulting in OS command injection. | 8.8 |
| 2024-03-22 | CVE-2024-2449 | Cross-Site Request Forgery (CSRF) vulnerability in Progress Loadmaster 7.1.35.10/7.2.48.10 A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. | 7.5 |