CVE-2024-52468
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-52468 is a Cross-site Scripting (XSS) vulnerability affecting LeadBoxer, a web analytics tool. The flaw, which resides in the application's input validation process during web page generation, enables attackers to inject malicious scripts into LeadBoxer web pages. This issue can potentially allow attackers to steal user data or manipulate user actions on affected websites that use LeadBoxer. The vulnerability affects LeadBoxer versions from n/a through 1.2. Users are advised to update to the latest version or implement appropriate XSS protection measures to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.