CVE-2024-53713

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 352

Summary

CVE-2024-53713 is a newly disclosed vulnerability that impacts the Silverlight Video Player used on les-sushi-codeurs.fr and regart.net. This issue combines two threats: Cross-Site Request Forgery (CSRF) and Stored XSS (Cross-Site Scripting). The CSRF vulnerability enables an attacker to force an unwilling user to perform unintended actions on the targeted website, while the Stored XSS flaw allows an attacker to inject malicious scripts into web pages viewed by other users, potentially leading to data theft or system compromise. Both vulnerabilities affect Silverlight Video Player versions from n/a through 1.0.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share