CVE-2023-50847

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 28, 2023
Updated: Jan 4, 2024
CWE ID 89

Summary

CVE-2023-50847 is a critical SQL Injection vulnerability affecting the Collne Inc. Welcart e-Commerce platform. The issue arises from the application's failure to neutralize special elements in SQL commands, creating an opportunity for attackers to inject malicious code and potentially gain unauthorized access to sensitive data. This vulnerability can affect Welcart e-Commerce versions from n/a through 2.9.3, making it essential for users to apply the necessary patches as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share