CVE-2024-54410

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 352

Summary

CVE-2024-54410 is a newly discovered vulnerability affecting the Toby Cox SOPA Blackout software. This issue involves a Cross-Site Request Forgery (CSRF) weakness that also allows Stored XSS (Cross-Site Scripting) attacks. The CSRF vulnerability can be exploited by malicious actors to execute unintended actions on behalf of a victim, while the Stored XSS vulnerability enables attackers to inject malicious scripts into a website, potentially leading to data theft or user compromise. The CVE identifies this issue in SOPA Blackout, with an impact range from the latest 1.4 version back to the initial release.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1KJ9Se
https://www.cve.org/CVERecord?id=CVE-2024-54410
https://nvd.nist.gov/vuln/detail/CVE-2024-54410

Back to Vulnerability Database

CVE-2024-54410

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations