CVSS 3.1 Score 6.5 of 10 (medium)


Published Nov 18, 2023
Updated: Nov 27, 2023
CWE ID 352


CVE-2023-47650, a Cross-Site Request Forgery (CSRF) vulnerability, has been identified in Peter Sterling Add Local Avatar. This vulnerability affects versions of Add Local Avatar from n/a through 12.1. Multiple products are affected, including those with the IDs tlbVhG, tlbVhH, tlbVhE, tlbVhF, and many more. The risk score for this vulnerability is 66, categorizing it as a medium-severity issue. The base score is 6.5, with an impact score of 3.6. The exploitability score is 2.8. The potential danger lies in the ability for attackers to carry out unauthorized actions on behalf of authenticated users by tricking them into clicking on maliciously crafted links or visiting malicious websites that perform unauthorized actions on their behalf without their knowledge or consent. To remediate this vulnerability, it is recommended to update to a version of Add Local Avatar that is not affected by this issue or apply any necessary patches provided by the vendor to address the CSRF vulnerability and ensure the security of the affected products and systems.

Note: The provided information does not contain any analysis description or additional context beyond the factual details about the vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-47650 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options