CVE-2023-43739

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 28, 2023
Updated: Sep 30, 2023
CWE ID 89

Summary

CVE-2023-43739 is a vulnerability affecting the cart.php resource where the 'bookisbn' parameter is not properly validated. This issue allows unfiltered characters to be sent directly to the database, potentially leading to SQL injection attacks and unauthorized access or data manipulation. Attackers can exploit this vulnerability by crafting malicious input to execute SQL queries or modify data, posing a significant risk to the security of the affected system. System administrators are strongly advised to apply patches or updates as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share