CVE-2024-54400

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 352

Summary

CVE-2024-54400 is a Cross-Site Request Forgery (CSRF) vulnerability identified in MELONIQ.NET AppMaps. This issue allows an attacker to execute Stored Cross-Site Scripting (XSS) attacks on unsuspecting users. The vulnerability affects AppMaps versions from n/a through 1.1, putting a significant number of users at risk. An attacker can exploit this vulnerability by crafting a malicious request that, when processed by the application on behalf of the victim, results in the execution of malicious scripts in the user's browser. This can lead to data theft, session hijacking, or other malicious activities. Users are advised to update to the latest version of AppMaps to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database