CVE-2024-52473

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 20, 2024
Updated: Nov 21, 2024
CWE ID 79

Summary

CVE-2024-52473 is an XSS (Cross-Site Scripting) vulnerability affecting the Sandeep Verma HTML5 Lyrics Karaoke Player. The flaw, which permits Reflected XSS, is located in the application's input handling process during web page generation. Malicious code can be injected into web pages viewed by other users, potentially leading to unauthorized access, data theft, or other malicious actions. Versions 2.4 and below of the HTML5 Lyrics Karaoke Player are impacted by this issue. Users are strongly advised to update to the latest version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share