CVE-2023-47417

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 20, 2023

Updated: Nov 28, 2023

CWE ID 79

Summary

CVE-2023-47417 is a Cross Site Scripting (XSS) vulnerability affecting the component /shells/embedder.html in DZSlides versions prior to v2011.07.25. Attackers can exploit this issue by injecting a malicious payload, which is then executed in a victim's web browser, granting unauthorized access or theft of sensitive information. This vulnerability poses a significant risk to users who view or interact with affected DZSlides presentations, necessitating immediate updates to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tSpOrp
https://www.cve.org/CVERecord?id=CVE-2023-47417
https://nvd.nist.gov/vuln/detail/CVE-2023-47417

Back to Vulnerability Database

CVE-2023-47417

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations