CVE-2024-47633

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 5, 2024
CWE ID 79

Summary

CVE-2024-47633 is a Cross-site Scripting (XSS) vulnerability found in Zoho Forms, affecting versions up to 4.0. This security flaw allows for Stored XSS, which can be exploited with low privileges and requires user interaction, posing a medium risk to affected organizations. The vulnerability has a base score of 6.5 on the CVSS scale, indicating potential integrity and confidentiality impacts are low. To remediate this issue, users should upgrade to the latest version of Zoho Forms as specified in official patches. If exploited, this vulnerability could enable attackers to inject malicious scripts into web pages viewed by other users.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share