CVE-2023-49848
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2023-49848 is a Missing Authorization vulnerability discovered in the wooproductimporter Sharkdropship software used for dropshipping on Aliexpress, eBay, Amazon, and etsy. The flaw stems from inadequately configured access control security levels within the application, enabling unauthorized users to exploit the vulnerability. This issue affects all versions of Sharkdropship from n/a through 2.1.1. Successful exploitation could potentially lead to unauthorized access to sensitive data or system functions. Users are advised to upgrade to a patched version or take other mitigation measures to prevent potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.