CVE-2024-32133

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Apr 15, 2024

CWE ID 79

Summary

CVE-2024-32133 is a Cross-site Scripting (XSS) vulnerability affecting the Michael Schuppenies EZ Form Calculator. The flaw, located in the web page generation process, permits attackers to inject malicious scripts. This issue can be exploited to steal user data or take control of user sessions. The vulnerability impacts versions 2.14.0.3 and below of EZ Form Calculator. Users are advised to update to a patched version to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vVegYG
https://www.cve.org/CVERecord?id=CVE-2024-32133
https://nvd.nist.gov/vuln/detail/CVE-2024-32133

Back to Vulnerability Database

CVE-2024-32133

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations