CVE-2023-39047

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 2, 2023

Updated: Nov 10, 2023

Summary

CVE-2023-39047 is a newly disclosed vulnerability affecting shouzu sweets oz version 13.6.1. This issue involves an information leak, granting attackers unauthorized access to the channel access token. With this token, adversaries can send malicious messages, potentially leading to serious security consequences. The precise nature of the information leak and the extent of the damage an attacker can inflict are still under investigation. It is recommended that users of shouzu sweets oz upgrade to a patched version as soon as possible to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

LY Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sG8Ugh
https://www.cve.org/CVERecord?id=CVE-2023-39047
https://nvd.nist.gov/vuln/detail/CVE-2023-39047

Back to Vulnerability Database

CVE-2023-39047

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations