CVE-2024-49503

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Nov 28, 2024
CWE ID 79

Summary

CVE-2024-49503 is a Cross-site Scripting (XSS) vulnerability affecting SUSE Manager. This issue occurs during the generation of web pages in the container suse/manager/5.0/x86_64/server:5.0.2.7.8.1 before 5.0.15-150600.3.10.2 and SUSE Manager Server Module 4.3 before 4.3.42-150400.3.52.1. Attackers can leverage this flaw to inject and execute malicious JavaScript code on the organization credentials subpage. Successful exploitation of this vulnerability could lead to unauthorized access to sensitive information. Users are urged to update their affected SUSE Manager installations to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share