CVE-2024-32527

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 17, 2024

CWE ID 79

Summary

CVE-2024-32527 is a Cross-site Scripting (XSS) vulnerability affecting Jotform's Online Forms. The flaw, named "Improper Neutralization of Input During Web Page Generation," enables attackers to inject malicious scripts into forms, potentially stealing user data or taking control of their browser sessions. Affected versions range from n/a to 1.3.1. Users are urged to update to the latest patch or implement additional security measures to prevent these attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaG0YY
https://www.cve.org/CVERecord?id=CVE-2024-32527
https://nvd.nist.gov/vuln/detail/CVE-2024-32527

Back to Vulnerability Database

CVE-2024-32527

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations