CVE-2024-25099

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 13, 2024

CWE ID 79

Summary

CVE-2024-25099 is a Cross-site Scripting (XSS) vulnerability affecting the Paytium: Mollie payment forms and donations software. The issue enables attackers to inject malicious scripts into web pages generated by the application, exploiting improper input neutralization. This vulnerability can allow unauthorized access to user data or session hijacking. The affected version range is from n/a to 4.4.2. Users are advised to update their software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uZ5Q7f
https://www.cve.org/CVERecord?id=CVE-2024-25099
https://nvd.nist.gov/vuln/detail/CVE-2024-25099

Back to Vulnerability Database

CVE-2024-25099

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations