CVE-2023-41710

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 8, 2024
Updated: Jan 22, 2024
CWE ID 79

Summary

CVE-2023-41710 is a vulnerability affecting a specific shop URL where user-defined script codes could be stored. The codes were not properly sanitized during DOM addition. Attackers could exploit this flaw by luring victims to compromised user accounts and forcing them to execute malicious scripts in the context of a trusted domain. This issue has been addressed by implementing sanitization for the content and no publicly-known exploits have surfaced as of now.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share