CVE-2024-51654

Summary

CVE-2024-51654 is a Cross-Site Request Forgery (CSRF) vulnerability discovered in APK.Support APK Downloader. This issue permits an attacker to execute Stored XSS (Cross-Site Scripting) attacks on unsuspecting users. The vulnerability affects APK Downloader versions from n/a through 1.0.0. An attacker could exploit this flaw by tricking a user into visiting a malicious website or clicking a specially crafted link, leading to arbitrary code execution in the user's web browser. This can result in data theft, session hijacking, or other malicious activities. Users are advised to update their APK Downloader to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.