CVE-2024-8776
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-8776 identifies a vulnerability in SmartRobot from INTUMIT, which allows unauthenticated remote attackers to perform Reflected Cross-site Scripting (XSS) attacks by exploiting improper validation of a specific page parameter. The affected product is identified as 'yomgZX.' This vulnerability has a medium severity rating, with an exploitability score of 2.8, indicating that it requires user interaction and can be exploited through network vectors with low attack complexity. To mitigate this risk, organizations should implement proper input validation for web page parameters and ensure that security updates are applied. If left unaddressed, the vulnerability could lead to potential JavaScript injection, posing risks to data integrity and user experience.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.