CVSS 3.1 Score 8.8 of 10 (high)


Published Dec 5, 2023
Updated: Dec 9, 2023
CWE ID 352


CVE-2023-49376 is a Cross-Site Request Forgery (CSRF) vulnerability found in JFinalCMS v5.0.0, specifically through the /admin/tag/delete endpoint. This vulnerability affects the tyCUMI product. The risk score is 65, indicating a high severity level. The base score is 8.8, and the impact score is 5.9, suggesting a significant potential danger to organizations. To remediate this vulnerability, it is recommended to implement measures to prevent CSRF attacks, such as using anti-CSRF tokens or implementing strict validation checks for user requests at the server-side level.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49376 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options