CVE-2024-52348

Name of the Vulnerable Software and Affected Versions AA Audio Player versions n/a through 1.0

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). Specifically, it is a DOM-Based XSS vulnerability. This means that the vulnerability occurs when user input is not properly sanitized, allowing an attacker to inject malicious code into the webpage, which can then be executed by the user's browser.

Recommendations For AA Audio Player versions n/a through 1.0, consider disabling any functionality that allows user input to be directly reflected in the webpage's DOM until a patch is available. Restrict access to sensitive features of the AA Audio Player to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.