CVE-2023-37826

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 1, 2023

Updated: Sep 7, 2023

CWE ID 79

Summary

CVE-2023-37826 is a newly discovered cross-site scripting (XSS) vulnerability affecting General Solutions Steiner GmbH CASE 3 Taskmanagement Version 3.3. This issue permits attackers to inject and execute arbitrary web scripts or HTML codes by manipulating the fieldname parameter. Successful exploitation of this vulnerability could lead to unauthorized access to user sessions, data theft, or other malicious activities. It is essential that users update their CASE 3 Taskmanagement software to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

General Solutions

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r8dSFt
https://www.cve.org/CVERecord?id=CVE-2023-37826
https://nvd.nist.gov/vuln/detail/CVE-2023-37826

Back to Vulnerability Database

CVE-2023-37826

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations