CVE-2024-53930

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 25, 2024
Updated: Nov 26, 2024
CWE ID 79

Summary

CVE-2024-53930 is a stored Cross-Site Scripting (XSS) vulnerability affecting WikiDocs versions prior to 1.0.65. Authenticated users can exploit this issue by injecting malicious data after $$ in a document, which is incorrectly processed by the KaTeX parser. This vulnerability can be exploited to execute arbitrary scripts in the context of other users, potentially leading to unauthorized actions or data theft. It is recommended that users upgrade to the latest version of WikiDocs to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share