CVE-2023-3673

CVSS 3.1 Score 9.6 of 10 (high)

Details

Published Jul 14, 2023

Updated: Jul 26, 2023

CWE ID 416

Summary

CVE-2023-3673: A critical SQL injection vulnerability has been identified in the GitHub repository pimcore/pimcore before version 10.5.24. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL statements, potentially leading to unauthorized data access or modification. This issue could be exploited through specially crafted input in certain endpoints, making it essential for users to upgrade to a patched version as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Edge Chromium

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rykCV_
https://www.cve.org/CVERecord?id=CVE-2023-3673
https://nvd.nist.gov/vuln/detail/CVE-2023-3673

Back to Vulnerability Database