From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: HubSpot - CRM, Email Marketing, Live Chat, Forms & Analytics <= 11.1.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via HubSpot Meeting Widget 2. Vulnerability Description: - Details the vulnerability, including type, scope, and attack method. - Exploits the attribute of the HubSpot Meeting Widget, allowing unauthorized attackers to inject malicious scripts. 3. Vulnerability Rating: - CVSS Score: 6.4 (Medium) - CVE ID: CVE-2024-5879 4. Disclosure Date: August 29, 2024 5. Update Date: August 30, 2024 6. Researcher: wecraft 7. Fix Status: - Fixed: Patched in version 11.1.34 or higher. 8. Affected Versions: <= 11.1.22 9. Fixed Version: 11.1.34 10. Vulnerability Details: - Detailed information about the vulnerability, including type, scope, and attack method. - Exploits the attribute of the HubSpot Meeting Widget, allowing unauthorized attackers to inject malicious scripts. 11. References: - plugins.trac.wordpress.org - plugins.trac.wordpress.org 12. Vulnerability Details: - Detailed information about the vulnerability, including type, scope, and attack method. - Exploits the attribute of the HubSpot Meeting Widget, allowing unauthorized attackers to inject malicious scripts. 13. Copyright Information: - Copyright: 2012–2024 Defiant Inc. and The MITRE Corporation - License: MITRE grants users the right to copy, distribute, and modify vulnerability information, provided the original link and MITRE copyright notice are included. 14. Contact Information: - Email: wfi-support@wordfence.com 15. Exploitation Method: - Details how the vulnerability can be exploited, including type, scope, and attack method. - Exploits the attribute of the HubSpot Meeting Widget, allowing unauthorized attackers to inject malicious scripts. 16. Remediation Recommendation: - Users are advised to upgrade to version 11.1.34 or later to resolve the vulnerability. 17. Impact: - Describes the scope of impact, including vulnerability type, affected systems, and attack method. - Exploits the attribute of the HubSpot Meeting Widget, allowing unauthorized attackers to inject malicious scripts. 18. Patch Information: - Details how the vulnerability was fixed, including type, scope, and attack method. - Exploits the attribute of the HubSpot Meeting Widget, allowing unauthorized attackers to inject malicious scripts. 19–42. Vulnerability Details (repeated entries): - Each entry reiterates the same information: the vulnerability exploits the attribute of the HubSpot Meeting Widget, enabling unauthorized attackers to inject malicious scripts.