CVE-2024-9147
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-9147 is a vulnerability affecting Bna Informatics PosPratik before version 3.2.1. This issue involves an improper neutralization of script-related HTML tags in a Web Page, resulting in a Basic XSS (Cross-Site Scripting) vulnerability. Attackers can exploit this vulnerability by injecting malicious scripts through HTTP query strings, allowing them to execute arbitrary code in users' browsers. This poses a significant risk, as users visiting a maliciously crafted Web page may have their session cookies stolen or have unintended actions taken on their behalf. It is crucial that users upgrade to the latest version of PosPratik to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.