CVE-2023-40813

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 18, 2023

Updated: Nov 22, 2023

CWE ID 79

Summary

CVE-2023-40813 refers to a vulnerability in OpenCRX version 5.2.0. Malicious users can exploit this weakness by injecting HTML code during the creation of Activity Saved Searches. This can lead to unintended execution of malicious scripts in the user's browser, potentially compromising sensitive data or installing malware. Users are recommended to upgrade to a patched version of OpenCRX as soon as possible to mitigate this risk. Successful exploitation of this vulnerability may result in significant data loss, unauthorized access, or other forms of cyberattacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sbNPXi
https://www.cve.org/CVERecord?id=CVE-2023-40813
https://nvd.nist.gov/vuln/detail/CVE-2023-40813

Back to Vulnerability Database

CVE-2023-40813

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations