CVE-2023-3785

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Jul 20, 2023

Updated: May 17, 2024

CWE ID 311

Summary

CVE-2023-3785 is a newly disclosed vulnerability affecting the PaulPrinting CMS 2018. This issue, rated as problematic, impacts an unidentified functionality of the software. The vulnerability allows for cross-site scripting (XSS) attacks through the manipulation of the firstname, lastname, address, city, and state arguments. An attacker can launch these attacks remotely, potentially injecting malicious scripts into unsuspecting users' browsers. The exploit for this vulnerability has been made public, making it a significant security concern for organizations using the affected CMS.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r8c2n9
https://www.cve.org/CVERecord?id=CVE-2023-3785
https://nvd.nist.gov/vuln/detail/CVE-2023-3785

Back to Vulnerability Database

CVE-2023-3785

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations