CVE-2023-41710
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Jan 8, 2024
Updated: Jan 22, 2024
CWE ID 79
Summary
CVE-2023-41710 is a vulnerability affecting a specific shop URL where user-defined script codes could be stored. The codes were not properly sanitized during DOM addition. Attackers could exploit this flaw by luring victims to compromised user accounts and forcing them to execute malicious scripts in the context of a trusted domain. This issue has been addressed by implementing sanitization for the content and no publicly-known exploits have surfaced as of now.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- OX App Suite
Affected Vendors
- Open-xchange