CVE-2023-5810
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Summary
CVE-2023-5810 is a newly disclosed vulnerability affecting the flusity CMS, specifically the function loadPostAddForm in the core/tools/posts.php file. This issue is classified as problematic, allowing for cross-site scripting attacks via manipulation of the edit_post_id argument. The exploit can be initiated remotely and the public disclosure increases the risk of exploitation. Flusity CMS employs a rolling release strategy, so specific version details for affected and updated releases are unavailable. To mitigate this vulnerability, it is strongly recommended to apply the patch identified as 6943991c62ed87c7a57989a0cb7077316127def8. VDB-243641 is the assigned identifier for this security issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.