CVE-2024-4747

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published May 14, 2024
CWE ID 79

Summary

CVE-2024-4747 is a high-severity vulnerability classified as CWE-79 (Improper Neutralization of Input During Web Page Generation) affecting Propovoice CRM versions from n/a through 1.7.6.2. The vulnerability allows for stored cross-site scripting (XSS) attacks. The exploitability score for this vulnerability is 2.8 out of 10, indicating a relatively low difficulty for attackers to exploit it. The impact score is 3.7 out of 10, suggesting a moderate potential danger to organizations. The base severity score is 7.1 out of 10, classifying it as a high-risk vulnerability. The required user interaction for exploitation is "REQUIRED," and no special privileges are required. The attack vector is through the network, and the impact on integrity and confidentiality is low, while availability impact is also low. Organizations using Propovoice CRM should promptly apply the necessary patches or updates to remediate this vulnerability and reduce the risk of XSS attacks on their systems.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-4747 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options