CVE-2024-54405

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 352

Summary

CVE-2024-54405 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Andy Chapman ECT Social Share software. The flaw permits an attacker to inject malicious scripts (Stored XSS) into a victim's web session through specially crafted requests. This issue poses a serious risk to users, as it can lead to unauthorized data manipulation or theft. The vulnerability affects versions of ECT Social Share ranging from n/a to 1.3, and users are urged to apply the necessary patches or upgrades to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1KLK0k
https://www.cve.org/CVERecord?id=CVE-2024-54405
https://nvd.nist.gov/vuln/detail/CVE-2024-54405

Back to Vulnerability Database

CVE-2024-54405

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations