CVE-2024-51716
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-51716 is a newly identified Cross-site Scripting (XSS) vulnerability that affects Twitter's real-time search scrolling function. An attacker can exploit this issue by injecting malicious scripts into the search results, which could potentially steal user data or take control of user sessions. The vulnerability is located in the neutralization process of user inputs during web page generation and can impact Twitter users from the latest version (7.0) back to the earliest recorded (n/a). This issue poses a significant risk as it can lead to data breaches and unauthorized account access. Users are advised to exercise caution when clicking on links or interacting with content from the Twitter search results until the vulnerability is addressed by Twitter's security team.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.