CVE-2024-6082

Summary

CVE-2024-6082 is a vulnerability found in PHPVibe 11.0.46, specifically in the processing of the file functionalities.global.php of the Global Options Page component. This vulnerability allows for cross-site scripting attacks, where an attacker can manipulate the argument site-logo-text to initiate remote attacks. The exploit has been disclosed publicly and can pose a potential danger to organizations using PHPVibe 11.0.46. It is advised to remediate this vulnerability by updating to a patched version provided by the vendor, although no response has been received from them regarding this disclosure. The vulnerability has a CVSS score of 3.3 and a base severity of LOW according to the analysis provided by [email protected].

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.