CVE-2023-51416
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2023-51416 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the EnvialoSimple EnvíaloSimple application. This issue grants an attacker the ability to manipulate a user's session, potentially leading to unauthorized actions being performed on their behalf. The vulnerability impacts versions 1.0 through 2.2 of EnvialoSimple, and users are strongly advised to upgrade to a secure version as soon as possible to mitigate this risk. A CSRF attack occurs when an attacker tricks a user into making unintended actions on a web application, exploiting trust between the user and the application. In this case, an attacker could use a malicious link to submit a malicious request under the victim's credentials, potentially leading to data theft or other unintended consequences.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.