CVE-2023-30870
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Dec 9, 2024
CWE ID 862
Summary
CVE-2023-30870 is a new vulnerability affecting the wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate software. This issue involves a Missing Authorization flaw that can be exploited when access control security levels are incorrectly configured. The vulnerability allows unauthorized access, potentially leading to serious data compromise or system takeover. The affected software versions range from n/a to 2.2.3. Users are urged to apply the necessary patches to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share