Critical severity9.6NVD Advisory· Published Nov 21, 2024· Updated Jun 17, 2026
CVE-2024-52053
CVE-2024-52053
Description
Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<4.9.1+ 1 more
- (no CPE)range: <4.9.1
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2- www.rapid7.com/blog/post/2024/11/20/multiple-vulnerabilities-in-wowza-streaming-engine-fixed/nvdThird Party Advisory
- www.wowza.com/docs/wowza-streaming-engine-4-9-1-release-notesnvdRelease Notes
News mentions
0No linked articles in our index yet.