CVSS 3.1 Score 7.1 of 10 (high)


Published Oct 25, 2023
Updated: Nov 2, 2023


CVE-2023-46070 is a vulnerability categorized as Unauth. Reflected Cross-Site Scripting (XSS) affecting versions <= 2.1.3 of the Emmanuel GEORJON EG-Attachments plugin. It impacts multiple products including tPHKKX, tPHKKW, tPHKKV, and others. The vulnerability has a base severity of HIGH with a base score of 7.1 according to the CVSS:3.1 scoring system. Remediation for this vulnerability is not specified in the provided information. The potential danger it poses to an organization includes the risk of unauthorized script execution on affected systems, potentially leading to data theft or manipulation on web pages generated by the plugin.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46070 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options