CVE-2023-41357
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Nov 3, 2023
Updated: Nov 13, 2023
CWE ID 434
Summary
CVE-2023-41357 is a vulnerability affecting Galaxy Software Services Corporation's Vitals ESP, an online knowledge base management portal. The issue stems from insufficient filtering and validation during file uploads. An attacker with authenticated general user privileges can exploit this vulnerability to upload and execute scripts on arbitrary directories. This can potentially lead to arbitrary system operations or service disruptions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- GSS