CVE-2023-43962

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Dec 9, 2024
Updated: Dec 12, 2024
CWE ID 79

Summary

CVE-2023-43962 is a Cross-Site Scripting (XSS) vulnerability affecting Xunrui CMS Public Edition version 4.6.1. A malicious actor can exploit this issue by injecting malicious code into the project name function in the project settings tab, allowing them to execute arbitrary scripts in the context of an unsuspecting user's browser. This could result in data theft, unauthorized account access, or other malicious activities. To mitigate this risk, users are advised to update their Xunrui CMS installation to the latest version or implement input validation and output encoding techniques to prevent XSS attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share