CVE-2023-39972

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Aug 17, 2023
Updated: Aug 24, 2023
CWE ID 284

Summary

CVE-2023-39972 is an access control vulnerability affecting the AcyMailing Enterprise component for Joomla. This issue grants unauthorized users the ability to create new mailing lists, bypassing intended access restrictions. Successful exploitation could lead to the creation of unsanctioned mailing lists, potentially resulting in data leaks or unintended email campaigns. System administrators are advised to update their AcyMailing Enterprise instances to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share