CVE-2024-47639

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 5, 2024
CWE ID 79

Summary

CVE-2024-47639 is a Cross-site Scripting (XSS) vulnerability affecting VdoCipher versions up to 1.29, allowing for stored XSS attacks. This vulnerability poses a medium risk to organizations as it requires low privileges and user interaction for exploitation, potentially leading to unauthorized access or data manipulation. Affected products include various versions of VdoCipher listed under multiple identifiers. Remediation steps have not been explicitly detailed in the provided sources; however, general practices include updating to the latest version of the software and implementing input validation measures. The vulnerability has an exploitability score of 2.3 and a base score of 6.5 according to CVSS version 3.1 metrics, indicating a low complexity attack vector that could impact integrity and availability minimally.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share