CVE-2024-52762

Summary

CVE-2024-52762 is a cross-site scripting (XSS) vulnerability affecting versions 3.73 to 3.76 of the Ganglia-web component, specifically the /master/header.php file. This issue enables attackers to inject arbitrary web scripts or HTML into the "tz" parameter, potentially leading to unintended execution of malicious code in users' browsers. The successful exploitation of this vulnerability could result in information disclosure, session hijacking, or other unintended actions. Users are strongly advised to update their Ganglia-web installation to a patched version to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.