CVE-2023-4393

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Oct 30, 2023
Updated: Nov 8, 2023
CWE ID 79
CWE ID 20
CWE ID 74

Summary

CVE-2023-4393 is a vulnerability affecting LiquidFiles registration pages in versions 3.7.13 and below.Malicious actors can exploit this HTML and SMTP injection flaw to launch sophisticated phishing attacks.The attacker can manipulate the registration form to deliver fraudulent content or steal sensitive information.This vulnerability poses a significant risk to organizations, as it can be leveraged to bypass security measures and compromise user accounts.Organizations using LiquidFiles are advised to update to the latest version to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share