CVE-2024-51858

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 19, 2024

CWE ID 79

Summary

CVE-2024-51858 is a Cross-site Scripting (XSS) vulnerability affecting Umar Social Locker, a component used for adding social sharing buttons and other features to websites. The flaw, specifically referred to as an Improper Neutralization of Input During Web Page Generation vulnerability, allows an attacker to inject malicious scripts into a website, which can be stored and executed on subsequent visits by unsuspecting users. This issue can lead to data theft, unauthorized account access, and other malicious activities. Affected versions of Umar Social Locker span from n/a through 1.1. To mitigate the risk, it is recommended that users upgrade to the latest patched version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database