CVE-2024-54354

Summary

CVE-2024-54354 represents a Missing Authorization vulnerability found in Beat Kueffer's Termin-Kalender. This issue facilitates Stored Cross-Site Scripting (XSS) attacks, allowing malicious code injection into the application. The flaw impacts Termin-Kalender versions from n/a to 0.99.47. An attacker can exploit this vulnerability by inserting malicious scripts into the system, potentially leading to data theft or unauthorized system access. Users are advised to update their Termin-Kalender installations to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.