CVE Daily

CVE-2024-12755

A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have allowed unau...

High CVSS 7.9

Overview

A Cross-Site Scripting (XSS) vulnerability in Avaya Spaces may have allowed unauthorized code execution and potential disclose of sensitive information.

CWE: CWE-79 Published: 2025-02-11T17:15:21.610
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.9 (HIGH)
  • Detected tags: rce, xss (tag impact: VERY HIGH)

Recommended actions:

  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.
  • Apply context-aware output encoding.
  • Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Recommended tools

Tags