CVE-2024-52457

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 79

Summary

CVE-2024-52457 is a newly identified Cross-Site Scripting (XSS) vulnerability affecting the Youneeq Recommendations software. The flaw stems from improper neutralization of user inputs during web page generation. An attacker can exploit this vulnerability to inject malicious scripts into web pages viewed by other users. This issue poses a significant risk as it allows an attacker to steal sensitive information, manipulate user sessions, and even gain administrative privileges. Youneeq Recommendations versions from n/a to 3.0.7 are susceptible to this vulnerability. Users are advised to upgrade to the latest available version as soon as possible to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share