CVE-2024-53781
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-53781 is a newly disclosed vulnerability affecting Home Junction SpatialMatch IDX versions from n/a to 3.0.9. This issue combines Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) weaknesses. An attacker could exploit the CSRF vulnerability to execute malicious scripts in a victim's browser, while the Stored XSS component allows the attacker to inject and save malicious code in web pages that are later accessed by other users. This combination poses a serious threat to users interacting with affected SpatialMatch IDX applications. It is strongly recommended that users upgrade to the latest, secure version to mitigate these risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.