CVE-2023-47650

Summary

CVE-2023-47650, a Cross-Site Request Forgery (CSRF) vulnerability, has been identified in Peter Sterling Add Local Avatar. This vulnerability affects versions of Add Local Avatar from n/a through 12.1. Multiple products are affected, including those with the IDs tlbVhG, tlbVhH, tlbVhE, tlbVhF, and many more. The risk score for this vulnerability is 66, categorizing it as a medium-severity issue. The base score is 6.5, with an impact score of 3.6. The exploitability score is 2.8. The potential danger lies in the ability for attackers to carry out unauthorized actions on behalf of authenticated users by tricking them into clicking on maliciously crafted links or visiting malicious websites that perform unauthorized actions on their behalf without their knowledge or consent. To remediate this vulnerability, it is recommended to update to a version of Add Local Avatar that is not affected by this issue or apply any necessary patches provided by the vendor to address the CSRF vulnerability and ensure the security of the affected products and systems. Note: The provided information does not contain any analysis description or additional context beyond the factual details about the vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.