CVE-2024-51636
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-51636 is a newly disclosed vulnerability that affects the GMO Social Connection platform, version 1.2 and below. This issue combines two serious threats - a Cross-Site Request Forgery (CSRF) vulnerability and a Cross-Site Scripting (XSS) weakness. An attacker can exploit the CSRF flaw to force a user to execute unwanted actions, while the XSS vulnerability enables the attacker to inject malicious scripts into a webpage, potentially stealing sensitive information or taking control of user sessions. The overlap of these two risks poses a significant security risk for users of GMO Social Connection.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.