CVE-2024-44044

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Feb 16, 2025

CWE ID 79

Summary

CVE-2024-44044 is a Cross-site Scripting (XSS) vulnerability affecting NotFound Oshine Modules. The flaw, which involves improper neutralization of user input during web page generation, enables Reflected XSS attacks. This issue poses a security risk as it allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to account takeovers, session hijacking, or data theft. The exact versions of Oshine Modules affected have not been disclosed. Users are advised to update their modules as soon as a patch becomes available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x3_EQs
https://www.cve.org/CVERecord?id=CVE-2024-44044
https://nvd.nist.gov/vuln/detail/CVE-2024-44044

Back to Vulnerability Database

CVE-2024-44044

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations