CVE-2024-32560

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 18, 2024

CWE ID 79

Summary

CVE-2024-32560 is a Cross-site Scripting (XSS) vulnerability affecting Sharabindu QR Code Composer. The flaw, which allows Stored XSS attacks, occurs during the web page generation process. This issue exists in QR Code Composer versions from n/a to 2.0.3, posing a significant risk for those using the affected software. Attackers can inject malicious scripts into a targeted web page, leading to unauthorized access, data theft, or other malicious activities. Users are advised to update their software to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaGQV5
https://www.cve.org/CVERecord?id=CVE-2024-32560
https://nvd.nist.gov/vuln/detail/CVE-2024-32560

Back to Vulnerability Database

CVE-2024-32560

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations