CVE-2023-40173
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 18, 2023
Updated: Aug 23, 2023
CWE ID 522
Summary
CVE-2023-40173 affects the Social media skeleton project before version 1.0.5. This uncompleted social media framework, implemented using php, css, javascript, and html, lacked proper password salting. Consequently, user passwords were vulnerable to cracking if an attacker obtained the hashed passwords. Version 1.0.5 addresses this issue, and users are strongly advised to upgrade without delay. No known workarounds exist for this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share