CVE-2023-37597

Summary

CVE-2023-37597 is a Cross-Site Request Forgery (CSRF) vulnerability affecting issabel-pbx version 4.0.0-6. This issue enables a remote attacker to execute malicious requests, leading to a denial of service. The grouplist function in delete user operation is the specific component targeted in this vulnerability, making it essential for users to update their systems to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.