CVE-2024-32552

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 18, 2024
CWE ID 79

Summary

CVE-2024-32552 is a Cross-site Scripting (XSS) vulnerability affecting Taggbox from an undisclosed version up to 3.2. Attackers can inject malicious scripts into web pages generated by Taggbox, which, when accessed by other users, can steal sensitive data or take control of their sessions. This flaw poses a serious risk to websites that use Taggbox for user-generated content and requires immediate patching to mitigate the threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share