CVE-2024-32553

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Apr 18, 2024

CWE ID 79

Summary

CVE-2024-32553 is a Cross-site Scripting (XSS) vulnerability affecting the looks_awesome Superfly Menu. The flaw, specifically an Improper Neutralization of Input During Web Page Generation issue, enables attackers to inject malicious scripts into affected web pages. This stored XSS vulnerability poses a serious threat, allowing attackers to execute arbitrary code on users' browsers. The affected version range for Superfly Menu is from n/a to 5.0.25. It is crucial for users to update their menus to the latest, secure version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaF6L7
https://www.cve.org/CVERecord?id=CVE-2024-32553
https://nvd.nist.gov/vuln/detail/CVE-2024-32553

Back to Vulnerability Database

CVE-2024-32553

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations