CVE-2023-39599

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Aug 22, 2023
Updated: Aug 28, 2023
CWE ID 79

Summary

CVE-2023-39599 is a Cross-Site Scripting (XSS) vulnerability that affects CSZ CMS v.1.3.0. Attackers can exploit this vulnerability by executing arbitrary code through a crafted payload in the Social Settings parameter. The vulnerability has a base severity of MEDIUM with a base score of 5.4 according to NIST's CVSS:3.1 rating. The privileges required for exploitation are LOW, and user interaction is required. The attack vector is through the network, and the impact on integrity and confidentiality is LOW. The vulnerability does not have any availability impact, posing moderate danger to organizations. Remediation measures should be taken to address this vulnerability promptly and protect against potential exploits.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share