CVE-2024-8467
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-8467 is an SQL injection vulnerability affecting the product identified as 'tYxz11,' which allows attackers to exploit the 'id' parameter in the '/jobportal/admin/category/index.php' endpoint, potentially retrieving sensitive information stored in the database. The vulnerability is classified as having a high base severity score of 7.5 and can be exploited over the network without requiring user interaction or special privileges. Organizations are urged to remediate this issue by validating and sanitizing input parameters to prevent malicious queries from being executed. The risk posed by this vulnerability includes significant confidentiality impacts, exposing sensitive data to unauthorized users. For further details and guidance, organizations can refer to advisories such as those provided by INCIBE-CERT.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.