CVE-2024-47050

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 18, 2024
Updated: Sep 20, 2024
CWE ID 79

Summary

CVE-2024-47050 is a Cross-Site Scripting (XSS) vulnerability in Mautic's tracking system. It affects multiple product versions that have not had the relevant patch applied. An attacker can exploit the Page URL variable, potentially compromising user data, with low impact on integrity and confidentiality. Exploitation requires user interaction. The issue is rated medium severity with an exploitability score of 2.8, so although it is not highly critical, it can still pose risks if left unaddressed. Remediation involves applying the latest security patch provided by Mautic, as detailed in their advisory on GitHub. Organizations using affected versions should prioritize updating.
