CVE-2024-53724
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53724 is a newly disclosed vulnerability that affects the Ronny L. Bull IceStats software. This issue involves a Cross-Site Request Forgery (CSRF) weakness that also includes Stored XSS (Cross-Site Scripting) capabilities. The CSRF vulnerability allows attackers to manipulate user actions on a web application, while the Stored XSS issue permits hackers to inject malicious scripts into a website that are then executed when unsuspecting users visit the site. The IceStats software, from version n/a through 1.3, is reportedly impacted by this critical security flaw. Users are strongly encouraged to update to a patched version as soon as possible to mitigate the associated risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.