CVE-2024-49793

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 6, 2025

Updated: Feb 12, 2025

CWE ID 79

Summary

CVE-2024-49793 is a newly disclosed cross-site scripting (XSS) vulnerability in IBM ApplinX 11.1. An authenticated user can exploit this flaw to inject malicious JavaScript code into the web user interface. This can alter the intended functionality and potentially lead to the disclosure of sensitive credentials within a trusted session. IBM has urged users to update their ApplinX installations as soon as possible to mitigate the risk of this vulnerability. Failure to do so may result in unauthorized access and other security breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/zraj-l
https://www.cve.org/CVERecord?id=CVE-2024-49793
https://nvd.nist.gov/vuln/detail/CVE-2024-49793

Back to Vulnerability Database

CVE-2024-49793

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations