CVE-2024-5849

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Aug 13, 2024

Updated: Aug 22, 2024

CWE ID 79

Summary

CVE-2024-5849 is a newly disclosed vulnerability that allows an unauthenticated attacker to execute a Reflected Cross-Site Scripting (XSS) attack. This issue enables the adversary to obtain sensitive information from a user or even reboot the affected device through a specially crafted malicious link. The vulnerability poses a significant risk, especially in environments where users frequently click on unverified links, and could lead to serious consequences if exploited successfully. It is crucial for affected organizations to apply the necessary patches as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/waQ1F8
https://www.cve.org/CVERecord?id=CVE-2024-5849
https://nvd.nist.gov/vuln/detail/CVE-2024-5849

Back to Vulnerability Database

CVE-2024-5849

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations