CVE-2024-6891
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-6891 is a newly disclosed vulnerability that allows attackers with valid credentials to inject malicious python code during the login process. The vulnerability is located in the login flow and can be exploited without requiring any advanced privileges or specialized tools. Successful exploitation could lead to unauthorized access, data theft, or system compromise. Users are strongly encouraged to apply patches or updates as soon as they become available to mitigate this risk. Organizations should also consider implementing multi-factor authentication and regularly monitoring their login attempts for suspicious activity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Journyx