CVE-2023-40560

Summary

CVE-2023-40560 is a vulnerability categorized as a secondary cyber vulnerability. It is an authentication (admin+) stored cross-site scripting (XSS) vulnerability found in the Greg Ross Schedule Posts Calendar plugin versions <= 5.2. The vulnerability affects multiple products, including s-pbLO, s-pbLP, s-pbLM, s-pbLN, s-pbLc, s-pbLd, s-pbLa, s-pbLb, s-pbLY, s-pbLZ, s-pbLW, s-pbLX, s-pbLU, s-pbLV, s-pbLS, s-pbLT, and s-pbLR. The risk score assigned to this vulnerability is 26. Remediation steps to address the issue are not provided in the information provided. The potential danger posed by this vulnerability to an organization includes the risk of unauthorized access or manipulation of stored data and potential injection of malicious scripts leading to further attacks on users visiting the affected website or application.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.