CVE-2023-38391

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Nov 4, 2023

Updated: Nov 9, 2023

CWE ID 89

Summary

CVE-2023-38391 is a newly identified SQL Injection vulnerability affecting Themesgrove Onepage Builder. The flaw, which allows an attacker to inject malicious SQL commands, can be exploited to gain unauthorized access to sensitive data or even take control of the affected system. This vulnerability exists in versions of Onepage Builder from n/a through 2.4.1 and requires immediate attention for patching or mitigation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sBkzzR
https://www.cve.org/CVERecord?id=CVE-2023-38391
https://nvd.nist.gov/vuln/detail/CVE-2023-38391

Back to Vulnerability Database

CVE-2023-38391

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations