CVE-2023-37743
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Jul 13, 2023
Updated: Dec 20, 2023
CWE ID 79
Summary
CVE-2023-37743 is a cross-site scripting (XSS) vulnerability affecting the Teacher Subject Allocation System v1.0. attackers can exploit this weakness by injecting malicious payloads into the Search text box, enabling them to execute arbitrary web scripts or HTML, potentially stealing user data or taking control of sessions. This flaw poses a serious risk to users of the affected system and requires immediate attention and patching.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share