CVE-2023-38582

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Sep 18, 2023
Updated: May 17, 2024
CWE ID 79

Summary

CVE-2023-38582 is a vulnerability classified as "Persistent cross-site scripting (XSS)" in the web application of MOD3GP-SY-120K. This vulnerability allows an authenticated remote attacker to inject arbitrary JavaScript through the MAIL_RCV field, which will be executed when a legitimate user accesses the vulnerable page. The affected product is t0DdeK. The risk score is 26 and the base severity is classified as MEDIUM. The exploitability score is 2.8, privileges required are NONE, user interaction is required, and the attack vector is network-based. The potential danger posed to an organization includes low integrity impact, low confidentiality impact, and low availability impact.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-38582 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options