CVE-2024-24889

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 12, 2024

CWE ID 79

Summary

CVE-2024-24889 is a Cross-site Scripting (XSS) vulnerability affecting Geek Code Lab's All 404 Pages Redirect to Homepage feature, from version n/a through 1.9. An attacker can inject malicious scripts into the web pages, which are then stored and executed on unsuspecting users' browsers when they visit the affected pages. This can lead to unauthorized data access or theft, and potentially more serious consequences such as identity theft or financial loss. Users are advised to update to the latest version of the software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uXKsUF
https://www.cve.org/CVERecord?id=CVE-2024-24889
https://nvd.nist.gov/vuln/detail/CVE-2024-24889

Back to Vulnerability Database

CVE-2024-24889

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations