CVE-2023-40659

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 14, 2023

Updated: Dec 19, 2023

CWE ID 79

Summary

CVE-2023-40659 is a newly-discovered cross-site scripting (XSS) vulnerability affecting the Easy Quick Contact module in Joomla. Attackers can exploit this flaw by injecting malicious scripts into web pages viewed by other users. Successful exploitation allows attackers to steal user data or take control of the affected user's session. Users are urged to update their Easy Quick Contact module to the latest version to mitigate this risk. Failure to do so may result in unauthorized access or data leakage.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sYhz2h
https://www.cve.org/CVERecord?id=CVE-2023-40659
https://nvd.nist.gov/vuln/detail/CVE-2023-40659

Back to Vulnerability Database

CVE-2023-40659

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations