CVE-2023-43961
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-43961 is a vulnerability affecting Dromara SaToken version 1.3.50RC and earlier. This issue arises when using Spring dynamic controllers, and a maliciously crafted request can bypass the authentication process, enabling unauthorized access. Attackers could exploit this vulnerability to gain unauthorized access to protected resources, potentially leading to data theft or other malicious activities. System administrators and users are advised to update to the latest version of Dromara SaToken to mitigate this risk. Failure to address this vulnerability could expose organizations to significant security risks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.