CVE-2024-32577

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 18, 2024

CWE ID 79

Summary

CVE-2024-32577 is a Cross-site Scripting (XSS) vulnerability affecting the CBX Bookmark & Favorite plugin for Codeboxr Team. The issue stems from improper neutralization of user input during web page generation, allowing attackers to inject malicious scripts into web pages viewed by other users. This vulnerability, which can lead to data theft or unauthorized actions, affects CBX Bookmark & Favorite versions from n/a through 1.7.20. It is strongly recommended that users upgrade to the latest version of the plugin to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaJFdI
https://www.cve.org/CVERecord?id=CVE-2024-32577
https://nvd.nist.gov/vuln/detail/CVE-2024-32577

Back to Vulnerability Database

CVE-2024-32577

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations