CVSS Score of 10 (low)


Published Sep 14, 2023
Updated: Sep 20, 2023
CWE ID 346
CWE ID 1385


CVE-2023-2848 is a Cross-Site WebSocket Hijacking vulnerability that affects Movim prior to version 0.22. The vulnerability exists due to a missing header validation. The products affected include cjzo4B, cjzo4A, cjzo4D, cjzo4C, cjzo4F, cjzo4E, cjzo4G, svPGbX, and more. To remediate the vulnerability, users are advised to update to version 0.22 or later of Movim. This vulnerability poses a potential danger to organizations as it can be exploited remotely without requiring any privileges and can lead to high impact on integrity and confidentiality.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-2848 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options