CVE-2023-47670

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 18, 2023
Updated: Nov 24, 2023
CWE ID 352

Summary

CVE-2023-47670 is a Cross-Site Request Forgery (CSRF) vulnerability that affects the Korea SNS software from an unknown version up to 1.6.3. A successful exploit of this vulnerability allows an attacker to force an authenticated user to perform unintended actions on the affected website, potentially leading to data theft or unauthorized changes. The user is unlikely to be aware that a request has been made, making this a significant security concern. It is recommended that users upgrade to the latest version of Korea SNS to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share