CVE-2024-33571
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Apr 29, 2024
CWE ID 79
Summary
CVE-2024-33571 is a Cross-site Scripting (XSS) vulnerability affecting Infomaniak's VOD (Video On Demand) platform from version 1.5.6 and earlier. This issue stems from a failure to properly neutralize user inputs during web page generation. attackers can inject malicious scripts into web pages viewed by other users, potentially stealing sensitive information or gaining unauthorized access. Users are advised to update their VOD Infomaniak software to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share