CVE-2024-50536
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-50536 is a Cross-site Scripting (XSS) vulnerability affecting Intuitive Design GDReseller from versions n/a to 1.6. This issue arises due to improper neutralization of user inputs during web page generation. An attacker can exploit this vulnerability to inject malicious scripts into a web page, potentially gaining unauthorized access to user data or taking control of their session. This can lead to various security risks such as data theft, account hijacking, and phishing attacks. Users are advised to update their GDReseller installation to the latest version as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- WordPress