CVE-2024-51652

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Nov 19, 2024

CWE ID 352

Summary

CVE-2024-51652 is a Cross-Site Request Forgery (CSRF) vulnerability discovered in the Skip To accessibility tool, versions n/a through 2.0.0, developed by Prem Nawaz Khan, Victor Tsaran, Ron Feathers, and Marc Kocher. This weakness enables an attacker to execute Stored Cross-Site Scripting (XSS) attacks on unsuspecting users. An attacker can manipulate a victim's browser to make unintended requests, potentially leading to data theft or unauthorized actions. Users are strongly advised to update to the latest version of Skip To as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0BMjnN
https://www.cve.org/CVERecord?id=CVE-2024-51652
https://nvd.nist.gov/vuln/detail/CVE-2024-51652

Back to Vulnerability Database

CVE-2024-51652

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations