CVE-2024-30428
CVSS 3.1 Score 7.1 of 10 (high)
Attack Complexity low
Scope changed
Confidentiality low
Integrity low
Availability low
Privileges Required none
Details
Published Mar 29, 2024
Updated: Apr 1, 2024
CWE ID 79
Summary
CVE-2024-30428 is a Cross-site Scripting (XSS) vulnerability affecting Contest Gallery from an undisclosed version up to 21.3.5. Hackers can exploit this issue by injecting malicious scripts into web pages generated by the Contest Gallery software. Successful attacks could lead to theft of user data or unauthorized actions on behalf of the attacker.Users are advised to update their Contest Gallery software to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share