CVE-2024-8469
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-8469 is a critical SQL injection vulnerability affecting the product identified as 'tYxz11', which allows attackers to exploit the 'id' parameter in the /jobportal/admin/employee/index.php endpoint to retrieve sensitive stored information. The vulnerability has a CVSS base score of 9.8, indicating a high risk due to potential impacts on confidentiality, integrity, and availability of data with no user interaction required. Remediation measures include sanitizing inputs and implementing proper validation to prevent unauthorized queries. Organizations using affected products face significant risks, as successful exploitation could lead to severe data breaches and loss of sensitive information. For further details and guidance, organizations can refer to advisories such as those from INCIBE.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.