CVE-2024-56112

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 16, 2024

CWE ID 79

Summary

CVE-2024-56112 is a newly disclosed vulnerability affecting CyberPanel, also known as Cyber Panel. This issue permits Cross-Site Scripting (XSS) attacks against the application. An attacker can exploit this vulnerability by injecting malicious code into the plogical/phpmyadminsignin.php page through a specially crafted token or username. Successful exploitation could lead to unauthorized access to user sessions or data theft. Users of CyberPanel are advised to apply the latest patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1pBfgQ
https://www.cve.org/CVERecord?id=CVE-2024-56112
https://nvd.nist.gov/vuln/detail/CVE-2024-56112

Back to Vulnerability Database

CVE-2024-56112

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations