CVE-2024-4310

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 29, 2024

Updated: Apr 30, 2024

CWE ID 400

Summary

CVE-2024-4310 is a Cross-site Scripting (XSS) vulnerability identified in HubBank's software version 1.0.2. An attacker can exploit this issue by sending a malicious JavaScript payload to registration and profile forms. Once an authenticated user loads the affected page, the payload is executed, leading to a session takeover, putting user data and account access at risk. This vulnerability underscores the importance of implementing robust input validation and output encoding techniques to protect against XSS attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x7FcUL
https://www.cve.org/CVERecord?id=CVE-2024-4310
https://nvd.nist.gov/vuln/detail/CVE-2024-4310

Back to Vulnerability Database

CVE-2024-4310

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations