CVE-2023-40172

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 18, 2023

Updated: Aug 23, 2023

CWE ID 352

Summary

CVE-2023-40172 is a vulnerability affecting the Social media skeleton project before version 1.0.5. This uncompleted social media framework, built using PHP, CSS, JavaScript, and HTML, was susceptible to Cross-Site Request Forgery (CSRF) attacks. In such attacks, an attacker deceives a user into executing unwanted actions on a website. This issue has been rectified in version 1.0.5, and users are encouraged to upgrade as soon as possible. Unfortunately, there are no known workarounds for this vulnerability, making the update the most effective solution.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sR3oFq
https://www.cve.org/CVERecord?id=CVE-2023-40172
https://nvd.nist.gov/vuln/detail/CVE-2023-40172

Back to Vulnerability Database

CVE-2023-40172

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations