CVE-2024-52473
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-52473 is an XSS (Cross-Site Scripting) vulnerability affecting the Sandeep Verma HTML5 Lyrics Karaoke Player. The flaw, which permits Reflected XSS, is located in the application's input handling process during web page generation. Malicious code can be injected into web pages viewed by other users, potentially leading to unauthorized access, data theft, or other malicious actions. Versions 2.4 and below of the HTML5 Lyrics Karaoke Player are impacted by this issue. Users are strongly advised to update to the latest version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.