CVE-2024-53726

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 352

Summary

CVE-2024-53726 is a newly disclosed vulnerability that impacts the RealtyCandy IDX Broker Extended software. This issue combines two serious threats: Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS). The CSRF weakness allows an attacker to force a user to perform unintended actions on a web application, while the Stored XSS vulnerability lets an attacker inject malicious scripts into web pages viewed by other users. The affected software versions range from n/a to 1.5.1. It is crucial that users upgrade to a patched version as soon as possible to mitigate these risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share