CVE-2024-51865
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-51865 is a Cross-site Scripting (XSS) vulnerability affecting the Simple Social Share Block in N.O.U.S. Open. The issue, which allows Stored XSS, resides in the way input is neutralized during web page generation. This means an attacker can inject malicious scripts into a webpage viewed by other users, potentially stealing sensitive information or taking control of their sessions. The vulnerability affects Simple Social Share Block versions from n/a through 1.0.0. Users are strongly encouraged to update to the latest version or consider alternative plugins to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.