CVE-2023-34650

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jun 28, 2023
Updated: Jul 6, 2023
CWE ID 79

Summary

CVE-2023-34650 is a newly identified vulnerability affecting PHPgurukul Small CRM version 1.0. This issue allows an attacker to inject malicious scripts into web pages viewed by other users, due to insufficient input validation. As a result, unsuspecting users could unknowingly expose sensitive information or be redirected to malicious sites, leading to potential data theft or account takeover. To mitigate this risk, users are advised to update their CRM software to a secure version as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share