CVE-2023-46240

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 31, 2023
Updated: Nov 8, 2023
CWE ID 209

Summary

CVE-2023-46240 is a vulnerability that affects CodeIgniter, a PHP full-stack web framework. The vulnerability exists in versions prior to CodeIgniter4 version 4.4.3, where a detailed error report is displayed even in the production environment, potentially leaking confidential information. To remediate this vulnerability, users can replace ini_set('display_errors', '0') with ini_set('display_errors', 'Off') in app/Config/Boot/production.php. This vulnerability poses a potential danger to organizations as it could lead to the exposure of sensitive data. The CVE has been assigned a risk score of 25 and a base severity of HIGH, indicating its significance.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46240 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options