CVE-2024-8468

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 5, 2024
Updated: Sep 6, 2024
CWE ID 89

Summary

CVE-2024-8468 is a critical SQL injection vulnerability affecting the product identified as 'tYxz11'. This vulnerability allows an attacker to execute specially crafted queries through the search parameter in the /jobportal/index.php endpoint, potentially retrieving sensitive information stored in the database. The exploitability score for this vulnerability is 3.9, with a base severity rating of 9.8, indicating high confidentiality, integrity, and availability impacts with no authentication required for exploitation. Organizations are advised to remediate this issue by implementing input validation and sanitization measures to prevent malicious queries from being processed. Failure to address this vulnerability may lead to significant data breaches, compromising sensitive organizational data and systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share