CVE-2024-53762

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 352

Summary

CVE-2024-53762 is a newly identified vulnerability affecting the FastBook – Responsive Appointment Booking and Scheduling System. This issue combines a Cross-Site Request Forgery (CSRF) and Stored XSS (Cross-Site Scripting) flaw. An attacker can exploit the CSRF vulnerability to perform unintended actions on behalf of a user, while the Stored XSS vulnerability enables the attacker to inject malicious scripts into web pages viewed by other users. The vulnerability exists in FastBook versions from n/a through 1.1, posing a significant risk to organizations using this software for appointment scheduling.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share