CVE-2024-52503
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-52503 is a Cross-site Scripting (XSS) vulnerability affecting Tailored Tools, a component of Tailored Web Services. The flaw, which allows Stored XSS attacks, occurs due to improper neutralization of user input during web page generation. This issue poses a significant risk as attackers can inject malicious scripts into web pages viewed by other users, potentially stealing sensitive information or taking control of their sessions. The vulnerability affects Tailored Tools versions from n/a through 1.8.4. Users are strongly advised to apply the necessary patches or updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.