CVE-2023-38475
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Dec 13, 2024
CWE ID 862
Summary
CVE-2023-38475 is a critical vulnerability affecting RedNao Donations Made Easy – Smart Donations versions 4.0.12 and below. The issue involves missing authorization controls, which enable unauthorized access to certain functionalities. This vulnerability can be exploited if the access control security levels are incorrectly configured, potentially leading to data manipulation or unauthorized actions within the donation system. Organizations utilizing this software are urged to apply the necessary patches as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share