CVE Catalog

CVE-2024-35690

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

CVE-2024-35690 describes a vulnerability where sensitive information can be inserted into sent data in MarketingFire Widget Options, allowing retrieval of embedded sensitive data.

Risk Assessment

Organizations may be exposed to the risk of sensitive information disclosure, potentially leading to privacy breaches and data security issues.

Recommendation

It is recommended to update Widget Options to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded Sensitive Data. This issue affects Widget Options: from n/a through 4.0.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS