CVE-2024-51891
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-51891 is a Cross-site Scripting (XSS) vulnerability affecting the Official SalesWizard CRM Plugin from 4B Systems sp. z o.o. This issue, which allows Stored XSS attacks, occurs due to improper neutralization of user inputs during web page generation. Successful exploitation could result in the execution of malicious scripts in a user's web browser, potentially leading to sensitive data theft or unauthorized account access. Versions of the Official SalesWizard CRM Plugin from n/a through 1.0.2 are reportedly affected. Users are advised to update their plugins to a secure version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.