CVE-2023-50843

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 28, 2023
Updated: Jan 4, 2024
CWE ID 89

Summary

CVE-2023-50843 is an SQL Injection vulnerability affecting Clockwork Clockwork SMS Notifications. The issue arises from improper neutralization of special elements in SQL commands. This weakness can be exploited to inject malicious code into SQL statements, potentially leading to unauthorized access or data manipulation. Clockwork SMS Notifications versions from n/a through 3.0.4 are vulnerable to this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share