CVE-2024-22297

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 31, 2024

Updated: Feb 6, 2024

CWE ID 79

Summary

CVE-2024-22297 is a Cross-site Scripting (XSS) vulnerability affecting the CBX Map for Google Map & OpenStreetMap from version n/a through 1.1.11. An attacker can exploit this Improper Neutralization of Input vulnerability during web page generation to execute malicious scripts in a user's browser, potentially stealing sensitive information or taking control of their account. This poses a significant risk to users interacting with the affected component. It is crucial that users and administrators upgrade to a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uE2YTb
https://www.cve.org/CVERecord?id=CVE-2024-22297
https://nvd.nist.gov/vuln/detail/CVE-2024-22297

Back to Vulnerability Database

CVE-2024-22297

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations