CVE-2023-4534
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Aug 25, 2023
Updated: May 17, 2024
CWE ID 200
Summary
CVE-2023-4534 represents a cross-site scripting (XSS) vulnerability in NeoMind Fusion Platform versions up to and including 20230731. This issue affects an unidentified function within the /fusion/portal/action/Link file. By manipulating the link argument, an attacker can inject malicious code, potentially launching a remote attack. The exploit for this vulnerability has been made public, increasing the risk of exploitation. VDB-238026 is the assigned identification number for this flaw. Notably, the vendor was informed of this disclosure but did not respond.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Apache Airflow
Affected Vendors
- Apache Software Foundation