CVE-2024-52357

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 11, 2024

Updated: Nov 15, 2024

CWE ID 79

Summary

CVE-2024-52357 is a newly disclosed Cross-Site Scripting (XSS) vulnerability affecting the LIQUID BLOCKS product developed by LIQUID DESIGN Ltd. The flaw, which allows Stored XSS attacks, resides in the web page generation process of the software. Attackers can inject malicious scripts into the affected system, potentially gaining the ability to steal user data or take unauthorized actions on their behalf. This vulnerability affects LIQUID BLOCKS versions from n/a through 1.2.0. Users are advised to apply the necessary patches or upgrades to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0WAF5t
https://www.cve.org/CVERecord?id=CVE-2024-52357
https://nvd.nist.gov/vuln/detail/CVE-2024-52357

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-52357

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations