CVE-2024-53781

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 352

Summary

CVE-2024-53781 is a newly disclosed vulnerability affecting Home Junction SpatialMatch IDX versions from n/a to 3.0.9. This issue combines Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) weaknesses. An attacker could exploit the CSRF vulnerability to execute malicious scripts in a victim's browser, while the Stored XSS component allows the attacker to inject and save malicious code in web pages that are later accessed by other users. This combination poses a serious threat to users interacting with affected SpatialMatch IDX applications. It is strongly recommended that users upgrade to the latest, secure version to mitigate these risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share