CVE-2024-52268
CVSS 3.0 Score 4.8 of 10 (medium)
Details
Published Nov 13, 2024
CWE ID 79
Summary
CVE-2024-52268 is a cross-site scripting (XSS) vulnerability affecting versions of VK All in One Expansion Unit prior to 9.101.1.0. This issue allows an attacker to inject malicious scripts into a website, which can then be executed on a user's web browser if they access the site using the affected product. Such scripts could steal sensitive information, install malware, or perform other unauthorized actions. Users are advised to update their VK All in One Expansion Unit to the latest version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share