CVE-2023-2853

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 10, 2023

Updated: Jul 14, 2023

Summary

CVE-2023-2853 is a Cross-site Scripting (XSS) vulnerability affecting Softmed SelfPatron before version 2.0. An attacker can exploit this issue by injecting malicious scripts into web pages generated by the software. The vulnerability stems from improper neutralization of user inputs. Successful exploitation could lead to unauthorized access to user data or sessions, potentially resulting in significant security risks. Users are urged to upgrade to the latest version of SelfPatron to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OpenSSH

Affected Vendors

OpenBSD Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/qaQs89
https://www.cve.org/CVERecord?id=CVE-2023-2853
https://nvd.nist.gov/vuln/detail/CVE-2023-2853

Back to Vulnerability Database