CVE-2023-43962
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Summary
CVE-2023-43962 is a Cross-Site Scripting (XSS) vulnerability affecting Xunrui CMS Public Edition version 4.6.1. A malicious actor can exploit this issue by injecting malicious code into the project name function in the project settings tab, allowing them to execute arbitrary scripts in the context of an unsuspecting user's browser. This could result in data theft, unauthorized account access, or other malicious activities. To mitigate this risk, users are advised to update their Xunrui CMS installation to the latest version or implement input validation and output encoding techniques to prevent XSS attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.