CVE-2023-50609

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jan 6, 2024
Updated: Jan 11, 2024
CWE ID 79

Summary

CVE-2023-50609 is a Cross-Site Scripting (XSS) vulnerability affecting the AVA teaching video application service platform in version 3.1. This issue enables remote attackers to inject malicious code into web pages viewed by other users, exploiting the ajax.aspx file. Successful attacks can lead to the execution of arbitrary scripts, posing a significant threat to data confidentiality and integrity. Users are advised to update their systems to the latest version or apply relevant patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

  • Agri-Food and Veterinary Authority of Singapore