CVE-2024-8863

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Sep 14, 2024
Updated: Sep 20, 2024
CWE ID 79

Summary

CVE-2024-8863 is a cross-site scripting vulnerability affecting aimhubio aim versions up to 3.24, specifically within the dangerouslySetInnerHTML function in the textbox.tsx file of the Text Explorer component. This vulnerability allows attackers to manipulate input, potentially leading to remote exploitation. The vendor has been contacted regarding this issue but has not responded, raising concerns over timely remediation. Organizations using affected products should implement input validation and sanitization measures to mitigate potential attacks. Although classified as low severity, the exploit's public disclosure increases the risk of abuse in a live environment if left unaddressed.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share