CVE-2023-4433
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-4433 is a newly disclosed Cross-Site Scripting (XSS) vulnerability. This issue affects the GitHub repository cockpit-hq/cockpit prior to version 2.6.4. Malicious scripts injected in this vulnerability can be executed in users' browsers when they view a specially crafted webpage, leading to potential data theft or unauthorized actions. Attackers can exploit this stored XSS flaw by inserting malicious scripts into the vulnerable repository, posing a significant risk to unsuspecting users. Users are strongly advised to upgrade to the latest version of the repository to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Acrobat DC
- Adobe Acrobat Reader
- Adobe Acrobat
- Adobe Acrobat Reader DC
Affected Vendors
- Adobe