CVE-2023-3566

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 10, 2023

Updated: May 17, 2024

Summary

CVE-2023-3566 is a newly disclosed vulnerability affecting wallabag version 2.5.4. The issue lies within an unknown functionality of the component's Profile Config file, specifically the argument Name. Manipulation of this argument results in resource allocation. Unfortunately, an exploit for this vulnerability has been made public, increasing the risk for potential attacks. The identifier for this vulnerability is VDB-233359. Notably, the vendor was contacted regarding this disclosure but did not respond with any update or patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tr5ZM_
https://www.cve.org/CVERecord?id=CVE-2023-3566
https://nvd.nist.gov/vuln/detail/CVE-2023-3566

Back to Vulnerability Database