Command Injection Vulnerability in In Progress Telerik UI for WinUI
CVE-2024-12251
7.8HIGH
What is CVE-2024-12251?
A command injection vulnerability exists in In Progress® Telerik® UI for WinUI prior to version 2025 Q1 (3.0.0). This issue arises from inadequate neutralization of hyperlink elements, allowing an attacker to execute arbitrary commands. Proper mitigation is essential to prevent exploitation and ensure application security.
Affected Version(s)
Telerik UI for WinUI Windows 2.0.0 < 3.0.0