CVE-2024-25582

NVD Published Date: August 19, 2024 at 07:15 AM
NVD Last Modified: August 19, 2024 at 12:59 PM
Download Patch
Vulnerability ID
CVE-2024-25582
Severity
None
Severity Score
None
Summary
Module savepoints could be abused to inject references to malicious code delivered through the same domain. Attackers could perform malicious API requests or extract information from the users account. Exploiting this vulnerability requires temporary access to an account or successful social engineering to make a user follow a prepared link to a malicious account. Please deploy the provided updates and patch releases. The savepoint module path has been restricted to modules that provide the feature, excluding any arbitrary or non-existing modules. No publicly available exploits are known.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
None
CWE ID
None

Recent Publish

CVE-2024-42675

2024-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5037800)

2024-05 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB5037800)

2024-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5037803)

2024-05 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems (KB5037803)

2024-05 Security Only Quality Update for Windows Embedded Standard 7 for x86-based Systems (KB5037803)

See SecOps Solution
in action

Schedule Demo