CVE-2024-52394
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Nov 18, 2024
Updated: Nov 19, 2024
CWE ID 79
Summary
CVE-2024-52394 is a newly identified Cross-site Scripting (XSS) vulnerability in nopea.Media's Print PDF Generator and Publisher. This issue stems from an inadequate neutralization of user inputs during web page generation. The consequence is the storage of malicious scripts that can be executed in unsuspecting users' browsers when they view manipulated PDF files. The vulnerable versions of Print PDF Generator and Publisher span from n/a through 1.1.6. It is crucial for users to update to a secure version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share