CVE-2024-32583

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Apr 18, 2024

CWE ID 79

Summary

CVE-2024-32583 is a Cross-site Scripting (XSS) vulnerability affecting Photo Gallery by 10Web from versions n/a to 1.8.21. An attacker can exploit this Improper Neutralization of Input During Web Page Generation issue to inject malicious scripts into a victim's web page, potentially stealing sensitive data or taking control of the user's account. This vulnerability poses a significant risk, as it can be triggered by crafted input sent to the vulnerable system through a specially crafted link or form submission. Users are strongly encouraged to update their Photo Gallery by 10Web installation as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaI0K3
https://www.cve.org/CVERecord?id=CVE-2024-32583
https://nvd.nist.gov/vuln/detail/CVE-2024-32583

Back to Vulnerability Database

CVE-2024-32583

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations