CVE-2024-53750

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 1, 2024
CWE ID 352

Summary

CVE-2024-53750 is a newly identified vulnerability that impacts the Maeve Lander PayPal Responder, specifically versions from n/a to 1.2. This issue combines two threats: Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS). The CSRF vulnerability allows an attacker to carry out unwanted actions on behalf of the victim, while the Stored XSS component enables the injection of malicious scripts into web pages viewed by other users. This flaw could potentially lead to serious security breaches and financial losses if exploited. Users are advised to upgrade to the latest version of PayPal Responder to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share