CVE-2024-32580

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 18, 2024

CWE ID 79

Summary

CVE-2024-32580 is a Cross-site Scripting (XSS) vulnerability affecting Averta Master Slider from undisclosed versions up to and including 3.9.8. Maliciously crafted input data can be stored and executed in web pages generated by the plugin, potentially allowing attackers to inject malicious scripts and steal user data or take control of user sessions. This could lead to serious security consequences, including unauthorized access or data theft. Users are advised to update to the latest version of Averta Master Slider as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vaH-vf
https://www.cve.org/CVERecord?id=CVE-2024-32580
https://nvd.nist.gov/vuln/detail/CVE-2024-32580

Back to Vulnerability Database

CVE-2024-32580

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations