vulnerability

Wowza Streaming Engine: CVE-2024-52053: Unauthenticated Client-side JavaScript Injection

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Nov 20, 2024	Nov 20, 2024	Mar 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Nov 20, 2024

Added

Nov 20, 2024

Modified

Mar 5, 2025

Description

An unauthenticated attacker can inject client-side JavaScript into the administrator dashboard to automatically hijack admin accounts.

wowza-streaming-engine-upgrade-4-9-1

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.