CVE-2024-8411

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Sep 4, 2024
Updated: Sep 5, 2024
CWE ID 79

Summary

CVE-2024-8411 is a vulnerability found in ABCD ABCD2 versions up to 2.2.0-beta-1, affecting the file /buscar_integrada.php and allowing cross-site scripting (XSS) through manipulation of the Sub_Expresion argument. This issue can be exploited remotely, potentially leading to unauthorized actions on affected products, including yZIDPl, yZIGa2, and yZIGa3. The vendor was notified but did not respond to the disclosure of this vulnerability. To remediate it, organizations should update their systems to versions beyond 2.2.0-beta-1 if available, or implement input validation measures to mitigate the risk of XSS attacks. The vulnerability carries a medium severity rating and has an exploitability score of 2.8, indicating that user interaction is required for successful exploitation while posing a low integrity impact risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share