CVE-2023-51423

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 31, 2023
Updated: Jan 5, 2024
CWE ID 89

Summary

CVE-2023-51423 is a vulnerability affecting the Webinar Plugin for Saleswonder, which allows creating live, evergreen, automated, and instant webinars, as well as streaming and Zoom Meetings via WebinarIgnition. The issue involves improper neutralization of special elements in SQL commands, leading to a SQL Injection vulnerability. This flaw can potentially be exploited by malicious actors to gain unauthorized access to sensitive data or even take control of the affected system. Versions from n/a through 3.05.0 of Webinar Plugin for Saleswonder are exposed to this vulnerability. Users are advised to update their software to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share