CVE-2024-53753
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53753 is a newly disclosed vulnerability that impacts the CultBooking Hotel Booking Engine. This issue combines two serious threats - a Cross-Site Request Forgery (CSRF) vulnerability and Stored Cross-Site Scripting (XSS). The CSRF weakness permits an attacker to manipulate a user's session, while the Stored XSS vulnerability enables an attacker to inject malicious code into web pages viewed by other users. This threat affects CultBooking Hotel Booking Engine versions from n/a through 2.1. Successful exploitation can lead to unauthorized actions and potential data theft. It is crucial for affected organizations to apply the necessary patches as soon as possible to mitigate these risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.