CVE-2024-57409

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Feb 10, 2025

Updated: Feb 11, 2025

CWE ID 79

Summary

CVE-2024-57409 is a stored cross-site scripting (XSS) vulnerability affecting the Parameter List module in cool-admin-java v1.0. Attackers can exploit this weakness by injecting malicious scripts or HTML code into the 'internet pictures' field. Successful attacks could result in the execution of arbitrary web scripts or HTML, potentially leading to unauthorized access or data theft. Users of cool-admin-java v1.0 are advised to apply necessary patches or updates as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T6HUB
https://www.cve.org/CVERecord?id=CVE-2024-57409
https://nvd.nist.gov/vuln/detail/CVE-2024-57409

Back to Vulnerability Database

CVE-2024-57409

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations