CVE-2024-52355

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 11, 2024

Updated: Nov 15, 2024

CWE ID 79

Summary

CVE-2024-52355 is a critical Cross-site Scripting (XSS) vulnerability affecting the OpenStreetMap (OSM) software version 6.1.2 and below. An attacker can exploit this Improper Neutralization of Input During Web Page Generation flaw to inject malicious scripts into a web page viewed by other users. These scripts can steal sensitive information, take control of user sessions, or disrupt the functionality of the OSM platform. Users are urged to upgrade to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0WAF5p
https://www.cve.org/CVERecord?id=CVE-2024-52355
https://nvd.nist.gov/vuln/detail/CVE-2024-52355

Back to Vulnerability Database

CVE-2024-52355

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations