CVE-2024-4724

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Published May 14, 2024
Updated: Jun 4, 2024
CWE ID 79

Summary

CVE-2024-4724 is a recently disclosed cross-site scripting (XSS) vulnerability affecting the Campcodes Legal Case Management System version 1.0. This issue is located in an unidentified function of the /admin/case-type file. Manipulation of the argument case_type_name can lead to XSS attacks, making it possible for remote assailants to inject malicious scripts into unsuspecting users' browsers. The exploit for this vulnerability has been made public, increasing the risk of successful attacks. VDB-263802 is the assigned identifier for this security flaw.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share