CVE-2024-54223
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-54223: A critical vulnerability has been identified in ARForms Form Builder by Repute InfoSystems, affecting versions from n/a to 1.7.1. This issue is an Improper Neutralization of Script-Related HTML Tags (XSS) vulnerability, enabling code injection through Contact Forms. Attackers can exploit this Basic XSS flaw to execute malicious scripts within users' browsers, potentially stealing sensitive information or taking control of affected systems. Users are strongly advised to patch their ARForms Form Builder installations as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.