CVE-2023-48882

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Nov 29, 2023
Updated: Dec 5, 2023
CWE ID 79

Summary

CVE-2023-48882 is a stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1. Attackers can exploit this vulnerability by injecting a crafted payload into the Document Properties field at /login.php m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn, allowing them to execute arbitrary web scripts or HTML. The affected product is EyouCMS v1.6.4-UTF8-SP1. The remediation for this vulnerability is to update to a patched version of the software when available. This vulnerability poses a medium danger to organizations as it requires high privileges and user interaction, but has low impact on integrity and confidentiality.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-48882 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options