CVE-2024-51633
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-51633 is a newly disclosed vulnerability that affects the Simple Page Specific Sidebars component of IvyCat Web Services. This issue combines a Cross-Site Request Forgery (CSRF) vulnerability with Stored XSS (Cross-Site Scripting) capabilities. Attackers can exploit this CSRF flaw to inject malicious scripts into a targeted user's web session, potentially stealing sensitive information or taking unauthorized actions on their behalf. The vulnerability affects Simple Page Specific Sidebars versions from n/a through 2.14.1. Users are strongly advised to apply the necessary patches or upgrades as soon as possible to mitigate this security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.