CVE-2023-25966
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Dec 9, 2024
CWE ID 862
Summary
CVE-2023-25966 is a critical vulnerability affecting Ninja Team Filebird, where access control security levels are incorrectly configured, leading to a Missing Authorization issue. An attacker can exploit this flaw to gain unauthorized access to files, impacting versions 5.1.4 and earlier. This vulnerability can result in significant data exposure and potential unintended actions, emphasizing the importance of applying the necessary patches or updates to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- WordPress