{"vulnerability": "CVE-2025-24412", "sightings": [{"uuid": "04cfa844-67df-4b45-bbf4-01cae1e3b1c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24412", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwbi7ua6b2z", "content": "", "creation_timestamp": "2025-02-11T18:19:08.886347Z"}, {"uuid": "a59cc9f7-6b99-4081-b8f6-3952cc08b9b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24412", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5414", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24412\n\ud83d\udd25 CVSS Score: 8.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.\n\ud83d\udccf Published: 2025-02-11T17:37:36.216Z\n\ud83d\udccf Modified: 2025-02-25T21:39:45.984Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/magento/apsb25-08.html", "creation_timestamp": "2025-02-25T22:24:00.000000Z"}, {"uuid": "9b5b1836-edaf-44cb-ab2f-4558c250c99b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24412", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113986746219140459", "content": "", "creation_timestamp": "2025-02-11T18:48:45.426874Z"}, {"uuid": "64adae51-0834-44a9-bee0-ebf08418f385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24412", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwkgsvewi2v", "content": "", "creation_timestamp": "2025-02-11T20:59:26.007515Z"}]}