CVE-2023-36139

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 4, 2023

Updated: Nov 7, 2023

CWE ID 345

Summary

CVE-2023-36139 is a vulnerability affecting the PHPJabbers Cleaning Business Software version 1.0. This issue allows remote attackers to gain unauthorized access to user accounts due to insufficient verification during the process of changing an email address and/or password on the Profile Page. Successful exploitation enables attackers to take over the targeted accounts, potentially leading to data breaches or further unauthorized actions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sMYLmG
https://www.cve.org/CVERecord?id=CVE-2023-36139
https://nvd.nist.gov/vuln/detail/CVE-2023-36139

Back to Vulnerability Database

CVE-2023-36139

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations