CVE-2024-57716
Published: 20 February 2025
Description
An issue in trenoncourt AutoQueryable v.1.7.0 allows a remote attacker to obtain sensitive information via the Unselectable function.
Security Summary
CVE-2024-57716 is an information disclosure vulnerability (CWE-200) in trenoncourt AutoQueryable version 1.7.0. The issue lies in the Unselectable function, which enables a remote attacker to obtain sensitive information. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting a network attack vector, low attack complexity, no required privileges or user interaction, and high confidentiality impact.
A remote, unauthenticated attacker can exploit this vulnerability by targeting the affected Unselectable function. Exploitation requires no special privileges or user involvement and can be performed over the network with low complexity. Successful attacks result in the disclosure of sensitive information, with no impact on integrity or availability.
Advisories and further details are available in the vulnerability research repository at https://github.com/pentesttoolscom/vulnerability-research/tree/master/CVE-2024-57716 and the project repository at https://github.com/trenoncourt/AutoQueryable. The CVE was published on 2025-02-20T17:15:11.803.
Details
- CWE(s)