CVE-2024-6179

Summary

CVE-2024-6179 is a Cross-site Scripting (XSS) vulnerability affecting LG Electronics SuperSign CMS. The issue stems from improper neutralization of user input during web page generation. Successful exploitation of this vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. This security flaw can lead to information disclosure, session hijacking, and other forms of unauthorized activity. SuperSign CMS versions from 4.1.3 up to, but not including, 4.3.1 are vulnerable to this Reflected XSS vulnerability. It is essential for affected organizations to apply the necessary patches promptly to safeguard their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.