CVE-2023-46023

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 14, 2023
Updated: Nov 17, 2023
CWE ID 89

Summary

CVE-2023-46023 is a SQL injection vulnerability discovered in the "addTask.php" file of the Code-Projects Simple Task List 1.0 application. This issue enables attackers to gain unauthorized access to sensitive information by manipulating the 'status' parameter in SQL queries. Successful exploitation could lead to the leakage of confidential data, potentially compromising the security of the affected system. It is recommended that users immediately update to the latest version of the application to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share