CVE-2024-51643

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 19, 2024
CWE ID 352

Summary

CVE-2024-51643 is a newly disclosed vulnerability affecting the Amazon Associate Filter, versions from n/a to 0.4. This issue combines a Cross-Site Request Forgery (CSRF) weakness with Stored XSS (Cross-Site Scripting). An attacker can exploit the CSRF vulnerability to perform unintended actions on behalf of a user, while the Stored XSS component allows the injection of malicious scripts into web pages viewed by other users. This dual threat poses a significant risk to website security and user privacy.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share