CVE-2024-52268

CVSS 3.0 Score 4.8 of 10 (medium)

Details

Published Nov 13, 2024
CWE ID 79

Summary

CVE-2024-52268 is a cross-site scripting (XSS) vulnerability affecting versions of VK All in One Expansion Unit prior to 9.101.1.0. This issue allows an attacker to inject malicious scripts into a website, which can then be executed on a user's web browser if they access the site using the affected product. Such scripts could steal sensitive information, install malware, or perform other unauthorized actions. Users are advised to update their VK All in One Expansion Unit to the latest version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share