CVE-2024-9141

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Sep 25, 2024
Updated: Sep 26, 2024
CWE ID 79

Summary

CVE-2024-9141 is a Cross-Site Scripting (XSS) vulnerability affecting the Oct8ne system, which allows attackers to inject malicious JavaScript code into chat messages. This vulnerability arises from improper handling of chat content, enabling the execution of harmful scripts when messages are intercepted and altered. The exploitability score for this vulnerability is 2.8, with a medium severity rating of 5.4; it requires user interaction but does not require elevated privileges to exploit. To remediate this issue, organizations should review their input validation processes and ensure proper sanitization of user-generated content within the chat system. If left unaddressed, this vulnerability could lead to unauthorized actions or data exposure within affected applications.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share