CVE-2024-52468

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 79

Summary

CVE-2024-52468 is a Cross-site Scripting (XSS) vulnerability affecting LeadBoxer, a web analytics tool. The flaw, which resides in the application's input validation process during web page generation, enables attackers to inject malicious scripts into LeadBoxer web pages. This issue can potentially allow attackers to steal user data or manipulate user actions on affected websites that use LeadBoxer. The vulnerability affects LeadBoxer versions from n/a through 1.2. Users are advised to update to the latest version or implement appropriate XSS protection measures to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share