CVE-2024-51716

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 9, 2024
Updated: Nov 12, 2024
CWE ID 79

Summary

CVE-2024-51716 is a newly identified Cross-site Scripting (XSS) vulnerability that affects Twitter's real-time search scrolling function. An attacker can exploit this issue by injecting malicious scripts into the search results, which could potentially steal user data or take control of user sessions. The vulnerability is located in the neutralization process of user inputs during web page generation and can impact Twitter users from the latest version (7.0) back to the earliest recorded (n/a). This issue poses a significant risk as it can lead to data breaches and unauthorized account access. Users are advised to exercise caution when clicking on links or interacting with content from the Twitter search results until the vulnerability is addressed by Twitter's security team.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share