CVE-2024-51838

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024
CWE ID 79

Summary

CVE-2024-51838 is a Cross-site Scripting (XSS) vulnerability affecting the Jon Smajda Pull This software, version 1.1 and below. The flaw stems from the application's failure to neutralize user input during web page generation. An attacker can exploit this weakness to inject malicious scripts into a victim's browser, potentially stealing sensitive information or taking control of their account. This issue poses a significant threat as it enables Domain-Based XSS attacks. Users are advised to update to the latest version of the software to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share