CVE-2023-45671

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Oct 30, 2023
Updated: Dec 13, 2023
CWE ID 79

Summary

CVE-2023-45671 is a reflected cross-site scripting vulnerability in Frigate, an open-source network video recorder. The vulnerability exists in versions prior to 0.13.0 Beta 3 and affects endpoints reliant on the /<camera_name> base path. Exploiting this vulnerability requires specific knowledge about the user's Frigate server and tricking an authenticated user into clicking a crafted link. To remediate the issue, users should update their Frigate instance to version 0.13.0 Beta 3 or later. This vulnerability poses a medium risk, with a base severity of 4.7, and can lead to arbitrary JavaScript execution if exploited, potentially compromising the confidentiality and integrity of the affected organization's data.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45671 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options