CVE-2024-8783

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 13, 2024
Updated: Sep 19, 2024
CWE ID 79

Summary

CVE-2024-8783 is a cross-site scripting vulnerability found in OpenTibiaBR MyAAC versions up to 0.8.16, specifically in the Post Reply Handler component located at filesystem/pages/forum/new_post.php. The manipulation of the post_topic argument allows attackers to exploit this vulnerability remotely, posing a medium-level threat to confidentiality and integrity with low privileges required for exploitation. To remediate this issue, users are advised to apply the available patch identified by commit bf6ae3df0d32fa22552bb44ca4f8489a6e78cc1c. The vulnerability has been publicly disclosed, making organizations at risk of potential attacks if they do not update their systems promptly. For more details, references can be found on platforms like GitHub and VULDB.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share