CVE-2023-39973
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Aug 17, 2023
Updated: Aug 24, 2023
CWE ID 284
Summary
CVE-2023-39973 is an access control vulnerability affecting the AcyMailing Enterprise component for Joomla. This issue allows unauthorized users to remove attachments from campaigns, bypassing the intended access controls. Successful exploitation could lead to data loss or unintended modification of email marketing campaigns. Organizations using AcyMailing Enterprise on Joomla are advised to apply the available patch or update to mitigate this risk. Failure to address this vulnerability could result in confidential data exposure or email campaign disruption.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share