CVE-2023-48244

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jan 10, 2024
Updated: Jan 16, 2024
CWE ID 79

Summary

CVE-2023-48244 is a newly disclosed vulnerability that enables remote attackers to inject and execute arbitrary client-side script code within a victim's session. This can be accomplished through a specially crafted URL or HTTP request. Successful exploitation of this vulnerability can lead to serious security implications, including session hijacking, data theft, or unauthorized account access. Users are strongly advised to apply relevant patches or mitigations as soon as possible to protect against potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share