CVE-2023-41642
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2023-41642 is a reflected cross-site scripting (XSS) vulnerability affecting the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38. Attackers can exploit this issue by injecting malicious Javascript into the VIEWSTATE parameter, which is then executed in the victim's browser. Multiple XSS vulnerabilities have been identified, posing a significant risk to users who visit a compromised website or click on a malicious link. Successful exploitation can lead to data theft, session hijacking, or other malicious activities. It is crucial that users and organizations apply the available patch or workaround to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.