CVE-2024-6531
CVSS 3.1 Score 6.4 of 10 (medium)
Details
Summary
CVE-2024-6531 is a newly identified Cross-Site Scripting (XSS) vulnerability affecting the Bootstrap carousel component. Because of inadequate sanitization, the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag. Malicious actors can exploit this vulnerability to inject and execute arbitrary JavaScript code within a user's browser, potentially gaining unauthorized access or stealing sensitive information. The issue poses a significant threat to websites that use the Bootstrap carousel component and calls for immediate mitigation.
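A defensive check for the weakness summarized above, given as an added example (not Bootstrap's code and not part of the original advisory): it audits markup for carousel control anchors whose href is anything other than an in-page fragment. The fragment-only policy, the function and class names, and the sample markup are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

CAROUSEL_ATTRS = {"data-slide", "data-slide-to"}
# Assumption: a legitimate carousel control's href is only an in-page fragment (#id).
FRAGMENT_ONLY = re.compile(r"#[A-Za-z][\w:.-]*\Z")


def is_fragment_only(href):
    """True when href is just '#id' after trimming surrounding whitespace."""
    return bool(FRAGMENT_ONLY.match(href.strip()))


class CarouselControlAudit(HTMLParser):
    """Collects <a> tags that carry data-slide / data-slide-to together with
    an href that is anything other than an in-page fragment."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []  # (line, trigger attributes, decoded href)

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        attr_map = {}
        for name, value in attrs:  # names are lower-cased, values entity-decoded
            attr_map.setdefault(name, value or "")  # first duplicate wins, as in browsers
        triggers = sorted(attr_map.keys() & CAROUSEL_ATTRS)
        if not triggers or "href" not in attr_map:
            return
        if not is_fragment_only(attr_map["href"]):
            self.findings.append((self.getpos()[0], triggers, attr_map["href"]))


def audit(html_text):
    """Return the findings for one HTML document or template fragment."""
    parser = CarouselControlAudit()
    parser.feed(html_text)
    parser.close()
    return parser.findings


# Constructed sample markup, for illustration only.
SAMPLE = """<div id="demo" class="carousel slide">
  <a class="carousel-control-prev" href="#demo" data-slide="prev">Prev</a>
  <a class="carousel-control-next" href="javascript:void(0)" data-slide="next">Next</a>
  <a href="&#106;avascript:void(0)" data-slide-to="1">2</a>
  <a href="https://example.com/">unrelated link</a>
</div>"""

if __name__ == "__main__":
    for line, triggers, href in audit(SAMPLE):
        print(f"line {line}: <a {' '.join(triggers)}> has non-fragment href {href!r}")
```

Because the parser decodes character references before the check, an href obfuscated with entities is reported in its decoded form.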