CVE-2024-51914

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024
CWE ID 79

Summary

CVE-2024-51914 is a Cross-site Scripting (XSS) vulnerability affecting the drop in image slideshow gallery from version n/a through 12.0. An attacker can exploit this issue by injecting malicious code into the input data, which is not properly neutralized during web page generation. This results in DOM-Based XSS, allowing the attacker to execute malicious scripts in the victim's browser and potentially steal sensitive information or take control of the user's session. Users are advised to update to the latest version of the image slideshow gallery to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share