CVE-2024-51897

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024
CWE ID 79

Summary

CVE-2024-51897 is a Cross-site Scripting (XSS) vulnerability affecting the News Articles component from version n/a through 1.0.0. An attacker can exploit this Improper Neutralization of Input during Web Page Generation issue to inject malicious scripts into the targeted website. These scripts may steal user data, modify website content, or perform other malicious actions on behalf of the attacker. Successful exploitation of this vulnerability could lead to compromised user sessions and unauthorized access to sensitive information. It is essential to apply the necessary patches or updates as soon as they become available to mitigate the risk of a potential attack.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share