CVE-2024-51865

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024
CWE ID 79

Summary

CVE-2024-51865 is a Cross-site Scripting (XSS) vulnerability affecting the Simple Social Share Block in N.O.U.S. Open. The issue, which allows Stored XSS, resides in the way input is neutralized during web page generation. This means an attacker can inject malicious scripts into a webpage viewed by other users, potentially stealing sensitive information or taking control of their sessions. The vulnerability affects Simple Social Share Block versions from n/a through 1.0.0. Users are strongly encouraged to update to the latest version or consider alternative plugins to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share