CVE-2024-31101

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 31, 2024

Updated: Apr 1, 2024

CWE ID 79

Summary

CVE-2024-31101 is a Cross-site Scripting (XSS) vulnerability affecting August Infotech's AI Twitter Feeds (Twitter widget and shortcode). The flaw, which allows for Stored XSS attacks, enables an attacker to inject malicious scripts into a vulnerable webpage, potentially stealing user data or taking control of their accounts. This issue impacts the AI Twitter Feeds versions 2.4 and below. Users are urged to update their software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vHxmbk
https://www.cve.org/CVERecord?id=CVE-2024-31101
https://nvd.nist.gov/vuln/detail/CVE-2024-31101

Back to Vulnerability Database

CVE-2024-31101

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations