CVE-2023-48836

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 7, 2023
Updated: Dec 9, 2023
CWE ID 79

Summary

CVE-2023-48836 is a vulnerability found in Car Rental Script 3.0 software, which is affected by multiple stored cross-site scripting (XSS) issues. These vulnerabilities can be exploited through various parameters such as name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name. The risk score for this vulnerability is 25 out of 100, indicating a medium severity level. The exploitability score is 2.3 out of 10, suggesting that it is relatively easy to exploit. The privileges required for an attacker are low and user interaction is required. The attack vector is through the network and the impact on integrity and confidentiality is low. To remediate this vulnerability, it is recommended to apply the latest patch or update provided by the software vendor as soon as possible. If left unaddressed, this vulnerability poses a potential danger to organizations using Car Rental Script 3.0 as it can allow attackers to inject malicious scripts into web pages viewed by users and potentially steal sensitive information or perform unauthorized actions on their behalf.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-48836 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options