CVE-2023-1722

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 24, 2023
Updated: Jun 30, 2023
CWE ID 352

Summary

CVE-2023-1722 is a vulnerability affecting the Yoga Class Registration System version 1.0. An administrator can exploit this issue by uploading maliciously crafted thumbnail images, which are not properly validated by the application. This allows the attacker to execute commands on the server, potentially leading to significant security risks. The vulnerability could result in data breaches, unauthorized system access, or even system takeover. Organizations using this system are advised to apply the necessary patches promptly to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share