CVE-2024-50549

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024
CWE ID 79

Summary

CVE-2024-50549 is a Cross-site Scripting (XSS) vulnerability affecting the Bonway Static Block Editor. The issue permits malicious DOM-Based XSS attacks due to improper neutralization of user input during web page generation. This vulnerability can be exploited by attackers to inject malicious scripts into a victim's web browser, potentially stealing sensitive information or gaining unauthorized access. The Bonway Static Block Editor versions from n/a through 1.1.0 are known to be impacted by this issue. Users are strongly advised to apply the available patches or updates as soon as possible to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share