CVE-2023-4183

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 6, 2023
Updated: May 17, 2024
CWE ID 459

Summary

CVE-2023-4183 is a newly identified vulnerability affecting the Inventory Management System 1.0 from SourceCodester. This issue lies in the Password Handler component's edit_update.php file and is deemed problematic due to flawed access controls. By manipulating the user_id argument, an attacker can gain unauthorized access, making this a remotely exploitable vulnerability. VDB-236218 is the assigned identifier for this security concern.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Apache Software Foundation Struts
  • Apache Struts
  • Apache Struts 2.2

Affected Vendors

  • Apache Software Foundation
  • Apache Corporation