Sensitive Information Injection Vulnerability Affects VideoWhisper.Com Products
CVE-2024-49235
7.5HIGH
Key Information
- Vendor
- Videowhisper.com
- Status
- Contact Forms, Live Support, Crm, Video Messages
- Vendor
- CVE Published:
- 17 October 2024
Summary
Insertion of Sensitive Information Into Sent Data vulnerability in VideoWhisper.Com Contact Forms, Live Support, CRM, Video Messages allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through 1.10.2.
Affected Version(s)
Contact Forms, Live Support, CRM, Video Messages <= 1.10.2
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Joshua Chan (Patchstack Alliance)