CVE-2024-47817
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-47817 identifies a vulnerability in the Lara-zeus Dynamic Dashboard and its associated themes, which allows for cross-site scripting (XSS) attacks if invalid values containing specific characters are passed to a paragraph widget. Affected products include the Lara-zeus Dynamic Dashboard and the Lara-zeus Artemis theme collection. Organizations are advised to upgrade to the recommended fix versions as there are no known workarounds for this issue. The vulnerability has a medium severity rating with a base score of 6.1, requiring user interaction for exploitation but posing risks such as low integrity and confidentiality impacts. If exploited, this vulnerability could lead to compromised user data and potentially allow attackers to execute malicious scripts in the context of users accessing affected web pages.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.