CVE-2023-33563

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 1, 2023
Updated: Nov 7, 2023
CWE ID 287

Summary

CVE-2023-33563 is a vulnerability affecting the PHP Jabbers Time Slots Booking Calendar version 3.3. This issue arises from the lack of verification during the process of changing an email address and/or password on the Profile Page. Consequently, remote attackers are able to seize control of user accounts by exploiting this weakness. This vulnerability poses a significant risk to the confidentiality and integrity of affected systems, making it essential for users to promptly update their installations to a secure version.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share