CVE-2023-52196
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Jan 8, 2024
Updated: Jan 11, 2024
CWE ID 79
Summary
CVE-2023-52196 is a Cross-site Scripting (XSS) vulnerability affecting Phil Ewels CPT Bootstrap Carousel. The issue arises due to improper neutralization of user inputs during web page generation. An attacker can exploit this vulnerability to inject malicious scripts into a website, potentially stealing user data or taking control of their browser session. Affected versions of CPT Bootstrap Carousel include those from n/a through 1.12. It is crucial to update to the latest version or implement appropriate XSS protection measures to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share