CVE-2024-46055

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Nov 27, 2024
CWE ID 79

Summary

CVE-2024-46055 is a newly identified Cross-Site Scripting (XSS) vulnerability affecting OpenVidReview version 1.0. Attackers can exploit this issue by injecting malicious scripts into review names, which are then rendered unsanitized in the application's response. Successful exploitation may lead to the execution of arbitrary code in the context of the affected user, potentially allowing unauthorized access or data exfiltration. It is crucial for OpenVidReview users to upgrade to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share