CVE-2024-44793 is a medium-severity cross-site scripting (XSS) vulnerability identified in the Gazelle software, specifically within the /managers/multiple_freeleech.php component. The vulnerability arises from improper sanitization of user-supplied input in the 'torrents' parameter, allowing attackers to inject malicious scripts or HTML content. When a victim user accesses a crafted URL or interacts with the malicious payload, the injected script executes in their browser context, potentially leading to session hijacking, defacement, or redirection to malicious sites. The vulnerability does not require authentication or privileges but does require user interaction, such as clicking a malicious link. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) indicates network attack vector, low attack complexity, no privileges required, user interaction required, scope changed, and low impact on confidentiality and integrity, with no impact on availability. No patches or known exploits are currently reported, but the vulnerability is publicly disclosed and should be addressed promptly. The CWE-79 classification confirms this as a classic reflected or stored XSS issue, emphasizing the need for proper input validation and output encoding in web applications.

The primary impact of CVE-2024-44793 is the potential compromise of user confidentiality and integrity within affected Gazelle installations. Successful exploitation can lead to theft of session cookies, enabling attackers to impersonate users, escalate privileges, or perform unauthorized actions. It may also facilitate phishing attacks or malware distribution by injecting malicious content into trusted web pages. Although availability is not directly affected, the reputational damage and loss of user trust can be significant for organizations relying on Gazelle for torrent management. Since exploitation requires user interaction, the risk is somewhat mitigated but remains substantial in environments with untrained users or high exposure to malicious links. Organizations worldwide using Gazelle, especially those managing large torrent communities, face risks of data leakage, account compromise, and potential further exploitation through chained attacks.

To mitigate CVE-2024-44793, organizations should implement strict input validation and output encoding on the 'torrents' parameter within the /managers/multiple_freeleech.php component to prevent injection of malicious scripts. Employing Content Security Policy (CSP) headers can reduce the impact of XSS by restricting script execution sources. User input should be sanitized server-side and client-side, ensuring that special characters are properly escaped or removed. Monitoring and logging web requests for suspicious payloads targeting this parameter can aid in early detection. Educating users about the risks of clicking unknown or suspicious links reduces the likelihood of successful exploitation. Organizations should track Gazelle updates and apply patches as soon as they become available. If immediate patching is not possible, consider implementing web application firewalls (WAFs) with custom rules to block malicious payloads targeting this vulnerability. Regular security assessments and penetration testing focusing on XSS vectors are recommended to identify and remediate similar issues proactively.