CVE-2023-34654

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 5, 2023
Updated: Jul 10, 2023
CWE ID 79

Summary

CVE-2023-34654 is a newly identified Cross Site Scripting (XSS) vulnerability affecting taocms versions prior to 3.0.3. An attacker can exploit this bug by injecting malicious scripts into web pages viewed by other users, potentially stealing sensitive information or taking control of user sessions. Successful exploitation requires the user to visit a specifically crafted malicious webpage or click on a malicious link. Users are advised to upgrade to the latest version of taocms to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share