CVE-2024-49791

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 6, 2025

Updated: Feb 12, 2025

CWE ID 79

Summary

CVE-2024-49791 is a newly identified cross-site scripting (XSS) vulnerability affecting IBM ApplinX version 11.1. An authenticated user can exploit this weakness by embedding arbitrary JavaScript code in the Web UI, which may alter the intended functionality and potentially disclose sensitive credentials within a trusted session. Successful exploitation could lead to unauthorized access or data theft. IBM strongly recommends users update their systems to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/zrbMaj
https://www.cve.org/CVERecord?id=CVE-2024-49791
https://nvd.nist.gov/vuln/detail/CVE-2024-49791

Back to Vulnerability Database

CVE-2024-49791

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations