CVE-2024-51641
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Nov 19, 2024
CWE ID 352
Summary
CVE-2024-51636 is a newly identified vulnerability that affects the Z.com social connection feature developed by GMO. This issue combines two serious threats: Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS). The CSRF vulnerability allows an attacker to manipulate a user's session, while the XSS component introduces the potential for code injection. The flaw is present in GMO Social Connection versions from n/a through 1.2, posing a significant risk to users who rely on this service.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share